feat: add --skip-tls-verify option to accept self-signed certs

matusf / openapi-fuzzer

Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!

GNU Affero General Public License v3.0

526 stars 22 forks source link

feat: add --skip-tls-verify option to accept self-signed certs #34

Closed nponsard closed 10 months ago

nponsard commented 11 months ago

I have an use case where I test an API that is accessible only via HTTPS and has a self-signed cert. This PR adds the global option --insecure-cert that "disables" the certificate verification step of ureq.

It also changes the code to use a single ureq agent for all requests, allowing connection pooling.

nponsard commented 10 months ago

Hi ! I implemented the changes you suggested, let me know if you need me to change something else.

matusf commented 10 months ago

Thank you, awesome work!