Allow Sonarr/Radarr self-signed certs

sct / overseerr

Request management and media discovery tool for the Plex ecosystem

https://overseerr.dev

MIT License

3.72k stars 435 forks source link

Allow Sonarr/Radarr self-signed certs #293

Open ghost opened 3 years ago

ghost commented 3 years ago

Is your feature request related to a problem? Please describe. We can enable SSL with sonarr and radarr but there isn't an option to allow self-signed certificates It's reported as an error. [error][Radarr]: [Radarr] Failed to retrieve profiles: self signed certificate

Describe the solution you'd like Maybe a checkbox saying "Allow self-signed certificates"

chriscpritchard commented 3 years ago

Do you want to assign this to me and I'll take a look over the next week or so?

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Ksdmg commented 1 year ago

Is it somehow possible? I have installed Overseerr through snap. Sonarr/Radarr can only be reached through reverse proxy with self signed certificate (internal CA). I tried adding the root CA certificate on the overseerr host, but I still get unable to get local issuer certificate.

Ksrx01 commented 11 months ago

Would be interested too. Also, if I'm not mistaken, it's possible to use self-signed certificates when connecting to radarr/sonarr, but not plex itself. I'm really wondering what's the reason behind that.

karelkryda commented 8 months ago

Installing the root CA certificate using update-ca-certificates did not help and I kept getting the error Failed to retrieve profiles: self signed certificate in certificate chain.

I solved this by setting the NODE_EXTRA_CA_CERTS variable to the path of my root certificate and now I have the option to use a self signed certificate to communicate with the Radarr/Sonarr server.

simcen commented 1 month ago

For everyone struggling with this, I have a working workaround by setting the env variable NODE_TLS_REJECT_UNAUTHORIZED=0, e.g. in docker-compose:

---
services:
  overseerr:
    image: lscr.io/linuxserver/overseerr:latest
    container_name: overseerr
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Zurich
      - NODE_TLS_REJECT_UNAUTHORIZED=0
    volumes:
      - /mnt/docker/overseerr/config:/config
    ports:
      - 5055:5055
    restart: unless-stopped
    networks:
      - web

networks:
  web:
    external: true
    name: proxy