search

hoppscotch / proxyscotch

📡 A simple proxy server created for https://hoppscotch.io
https://hoppscotch.io
MIT License
369 stars 97 forks source link

Failed to verify certificate #88

Open Caelebs opened 9 months ago

Caelebs commented 9 months ago

I have an HTTPS service with a certificate issued based on a domain name, but proxyscotch tells me that it cannot validate the certificate when I access it from an IP address in a development environment. Is there any option or configuration to turn off certificate validation? Just like Insomnia, I can uncheck "Validate certificates".

proxyscotch  | 2024/02/26 15:10:51 Failed to write response body: Post "https://10.10.10.109:10010/robot/controlTask": tls: failed to verify certificate: x509: cannot validate certificate for 10.10.10.109 because it doesn't contain any IP SANs

Here's my compose config file

version: '3.8'

services:
  proxyscotch:
    image: hoppscotch/proxyscotch:latest
    container_name: proxyscotch
    hostname: proxyscotch-1
    ports:
      - '9159:9159'
    restart: always
    networks:
      - default
networks:
  default:
    external: true
    name: demo_default
SamJakob commented 9 months ago

Looks like this will require a code tweak to expose this as a config option. I'll look into this.

r-brown commented 8 months ago

Got similar error while proxying requests to the https with the self-signed certificate: Failed to write response body: Post "https://host" tls: failed to verify certificate: x509: certificate signed by unknown authority

@SamJakob any plans to add support for that soon?

Caelebs commented 7 months ago

You can modify line 319 in the libproxy/proxy.go file to be as follows:

var client = &http.Client{  
    Transport: &http.Transport{  
        TLSClientConfig: &tls.Config{  
            InsecureSkipVerify: true,  
        },  
    },  
}

Then repackage the docker image. @r-brown

XiEdAotonG commented 2 months ago

You can modify line 319 in the libproxy/proxy.go file to be as follows:

var client = &http.Client{  
  Transport: &http.Transport{  
      TLSClientConfig: &tls.Config{  
          InsecureSkipVerify: true,  
      },  
  },  
}

Then repackage the docker image. @r-brown

sorry , I can not find this code in the libproxy/proxy.go

gtouati commented 1 month ago

Replace that with the provided snippet from previous answer and don't forget to import "crypto/tls" https://github.com/hoppscotch/proxyscotch/blob/cc0c4c79ae8bb001d731bdfc13d6917dbc3d46f0/libproxy/proxy.go#L316