Open SamJakob opened 12 months ago
I'd support adding an additional configuration option to allow self-signed certs.
I skipped checking the certificate where the code creates http.client and it works fine now
tr := &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
}
// 创建一个基于自定义Transport的HTTP客户端
client := &http.Client{
Transport: tr,
}
I created a patch file for the issue. The approach is same with @ispy1. :) you can refer below link.
https://github.com/hoppscotch/hoppscotch/issues/882#issuecomment-2029625033
It would seem (according to an email report) that upstream self-signed certificates do not work, this needs to be checked.
Then, we need to figure out whether self-signed or invalid certificates should be allowed by default. I don’t see a security risk from doing that but it might make debugging harder or more confusing because we would bypass those issues.
I’m thinking the best option is to add it behind a flag.