Closed aharbick closed 4 years ago
See: https://github.com/igrigorik/em-http-request/issues/339
I think this is basically the code. I'd open a PR but I couldn't figure out how to get the tests to pass.
diff --git a/lib/billy/handlers/proxy_handler.rb b/lib/billy/handlers/proxy_handler.rb index baa4af4..49ce41f 100644 --- a/lib/billy/handlers/proxy_handler.rb +++ b/lib/billy/handlers/proxy_handler.rb @@ -15,6 +15,7 @@ module Billy if handles_request?(method, url, headers, body) opts = { inactivity_timeout: Billy.config.proxied_request_inactivity_timeout, connect_timeout: Billy.config.proxied_request_connect_timeout } + opts.merge!(tls: {verify_peer: true}) if url =~ /^https/ if Billy.config.proxied_request_host && !bypass_internal_proxy?(url)
All of the HTTPS tests fail with this error
123145345359872:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1915
I suspect a lot of non-production environments would have invalid/missing certs, so maybe the default should be verify_peer: false and make it configurable for your needs?
verify_peer: false
Created PR as #294
See: https://github.com/igrigorik/em-http-request/issues/339
I think this is basically the code. I'd open a PR but I couldn't figure out how to get the tests to pass.
All of the HTTPS tests fail with this error