search

microsoft / typed-rest-client

Node Rest and Http Clients with typings for use with TypeScript
Other
675 stars 118 forks source link

Consider Certs In NODE_EXTRA_CA_CERTS #166

Closed Jacksondr5 closed 4 years ago

Jacksondr5 commented 5 years ago

Feature Request

Consider certificates referenced by NODE_EXTRA_CA_CERTS

Impacted Code

https://github.com/microsoft/typed-rest-client/blob/c99dbbeba106d4ca59b62a320923eed9b9a6c223/lib/HttpClient.ts#L124-L142

A check for the env variable should probably happen around here. I'm not sure if it would be better to have the ICertConfiguration options merge with anything found in the environment variable or just overwrite the environment variable in favor of the supplied certs.

Use Case

As the node PR explains, self-signed certs are commonly used in closed environments.

My organization has recently encountered this problem with several TFS extensions. Using the environment variable solved the problem when extensions were using node HTTP clients, but there are a few extensions that use this library and do not surface a way for us to provide certs example from NuGetToolGetter

I'm happy to take a stab at it if desired.

jtpetty commented 4 years ago

@Jacksondr5 - I think the issue is that by default, the agent uses Node 6 and NODE_EXTRA_CA_CERTS was added in Node 7.3.

Can you try setting the environment variable AGENT_USE_NODE10=true for your job and then try using the NODE_EXTRA_CA_CERTS variable?

Jacksondr5 commented 4 years ago

@jtpetty Thanks for the reply. We'll try that environment variable out and let you know how it works

Jacksondr5 commented 4 years ago

@jtpetty Unfortunately, that didn't seem to have any effect. We're still seeing certificate errors.

jtpetty commented 4 years ago

@mjroghelia - Can you take a look at this one?

github-actions[bot] commented 4 years ago

This issue has had no activity in 90 days. Please comment if it is not actually stale