Allow to specify a client certificate to be used to connect to GitLab

[derkork]

We have to use some GitLab installation of our client and they chose to require a client certificate in order to open the HTTPs connection to it. This works fine in a browser however inside of the plugin I have no way of specifying a client certificate. Could you add a setting where I can set up a client certificate and use that to connect to GitLab?

[nhat-phan]

Could you please try adding custom certificate to the IDE or using an option "Ignore any SSL certificate errors" in connection settings (Go to Configuration > Merge Request Integration > Gitlab).

[derkork]

Sorry, I have not explained myself in an understandable way. I'm talking about a client certificate, not a server certificate - e.g. a certificate that the client sends when a HTTPs connection is built up. It is some sort of authentication. It is supported natively in browsers but not much anywhere else.

So basically when the client establishes a connection to the server, it needs to send a certificate that authenticates the user (client authenticated TLS handshake: https://en.wikipedia.org/wiki/Transport_Layer_Security#Client-authenticated_TLS_handshake). If the client does not send a certificate, the server will refuse to even build up a connection (you get a SSL handshake failed error). This is different from the case where the server uses a self-signed or some internal CA-signed server certificates (this could be worked around by adding the server certificate to the IDEs keystore or using the ignore checkbox you mentioned).