Open mefellows opened 4 months ago
This just disables the TLS certificate verification (hostname and expired status checks). But you still need a non-garbage cert to do TLS. The downstream problem seems to be with dodgy certs in the cert store.
That might be true, but the question is - does the code take effect if there was a non-garbage but invalid/self-signed cert?
The upstream bug might be due to a garbage cert (it's hard to tell without the cert)
See https://github.com/pact-foundation/pact-net/issues/488.
I'm wondering if this ever worked. Given that we use
rustls-tls-native-roots
, thereqwest
library seems to only support for other types:Am I reading this code correctly?