gotify / cli

A command line interface for pushing messages to gotify/server.
MIT License

Add environment variable to set root CA for TLS verification #65

Closed DCsunset closed 4 months ago

DCsunset commented 4 months ago

This PR adds an environment variable to set a custom root CA for TLS verification. This option is safer than skipping TLS verification when using a self-signed certificate.

Furthermore, I believe it's more convenient to add a field in the config file (like TLSRootCA) that can be created during gotify init. I can continue implementing it if we agree on this idea.

DCsunset commented 4 months ago

Thanks for your comment. Here are my thoughts on this:

As for your suggestions, I also agree it's useful to allow pinning a certificate. I'll add the option later.

eternal-flame-AD commented 4 months ago

@DCsunset

> It's true that Let's Encrypt has already been commonly used. But when a user doesn't have a domain or they want to set up the server in a local area network with a custom domain, they still need to resort to a self-signed cert.

That makes sense. I agree this PR is useful in these cases. I think that after the above concerns are addressed, I agree this can be merged. My logic was that most people in this situation would just want to pin a specific certificate instead of having their own custom CA and signing their own local domains, so we should make pinning work as well, aside from only allowing custom CAs. (Like, I never heard of anyone using a CA SSH key and signing their own machines; they just compare the fingerprint and trust.)

> I don't think it's secure to add one's own CA to the system pool. As anyone who has access to your CA can perform a MITM attack on any website you visit.

It depends on your use case; I was talking about those people who have, like, centralized SSL-intercepting firewalls, like a company or something.
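
The two trust models discussed in this thread, a custom root CA and a pinned certificate, shown side by side as an added Go example; it is not code from this PR or from gotify/cli, and the function names `caConfig` and `pinConfig` are hypothetical.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"crypto/tls"
	"crypto/x509"
	"encoding/hex"
	"errors"
	"fmt"
)

// caConfig trusts only the CAs in caPEM. The pool starts empty rather than
// from x509.SystemCertPool, so the custom CA gains no authority over other
// sites and public CAs cannot vouch for this server.
func caConfig(caPEM []byte) (*tls.Config, error) {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(caPEM) {
		return nil, errors.New("no usable certificate in CA PEM")
	}
	return &tls.Config{RootCAs: pool, MinVersion: tls.VersionTLS12}, nil
}

// pinConfig accepts exactly one leaf certificate, identified by the SHA-256
// of its DER encoding: the same compare-the-fingerprint model as SSH.
func pinConfig(fingerprintHex string) (*tls.Config, error) {
	want, err := hex.DecodeString(fingerprintHex)
	if err != nil || len(want) != sha256.Size {
		return nil, errors.New("pin must be 64 hex characters (SHA-256)")
	}
	return &tls.Config{
		MinVersion: tls.VersionTLS12,
		// Chain and hostname checks are off; VerifyConnection below is the
		// only check and runs on every handshake, resumed ones included.
		InsecureSkipVerify: true,
		VerifyConnection: func(cs tls.ConnectionState) error {
			if len(cs.PeerCertificates) == 0 {
				return errors.New("server sent no certificate")
			}
			got := sha256.Sum256(cs.PeerCertificates[0].Raw)
			if subtle.ConstantTimeCompare(got[:], want) != 1 {
				return fmt.Errorf("pin mismatch: got %x", got)
			}
			return nil
		},
	}, nil
}

func main() {
	_, err := pinConfig("not-a-fingerprint") // constructed bad input
	fmt.Println("rejected:", err)
}
```

Either returned config can be set as `TLSClientConfig` on an `http.Transport`; a pinned certificate has to be re-pinned whenever the server certificate is renewed.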