thinksabin / DTrackAuditor

DTrackAuditor is the Python script to facilitate usage of DependencyTrack in the CI.
Apache License 2.0

Support HTTPS requests with corporate CA cert chain (or self-signed) #28

Closed jimklimov closed 1 year ago

jimklimov commented 1 year ago

Currently requests to HTTPS-protected Dependency-Track instances fail if the server uses a certificate not from a "well-known" CA (provided by OS or tediously added into its trust stores).

This PR allows users to provide a custom file with the (complete! server->intermediateCA->rootCA) certificate chain needed to trust the server, using envvars or command line. Alternately, a none (None, False) may be specified instead of a filename to trust any HTTPS server lazily.

No-op for plain HTTP servers (e.g. default access to DT API server).

NOTE: This PR covers one of several features we needed to add or fix, to simplify the targeted review. It is recommended to merge in fact the PR #29 (which combines this one and some others) in one simple swoop :)
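The trust options described in this comment, sketched as an added example (not code from this PR or from DTrackAuditor): it maps a user-supplied setting to the value that the `requests` library's `verify=` parameter accepts. The function names and the `setting` argument are hypothetical; the PR's actual option and environment variable names are not shown on this page.

```python
import os
import warnings
from typing import Optional, Union
from urllib.parse import urlsplit

PEM_MARKER = "-----BEGIN CERTIFICATE-----"


def count_pem_certs(path: str) -> int:
    """Count PEM certificate blocks in a file (no cryptographic parsing)."""
    with open(path, "r", encoding="ascii", errors="replace") as fh:
        return fh.read().count(PEM_MARKER)


def resolve_verify(base_url: str, setting: Optional[str]) -> Union[bool, str]:
    """Turn a user-supplied setting into a value for requests' `verify=`.

    `setting` stands for whatever arrived via env var or command line
    (hypothetical plumbing; the option names are not shown on this page).
    """
    if urlsplit(base_url).scheme.lower() != "https":
        return True  # plain HTTP: no TLS, so the setting is a no-op
    if setting is None or not setting.strip():
        return True  # default: trust only the OS / bundled CA store
    value = setting.strip()
    if value.lower() in ("none", "false"):
        # Accepts any server certificate, so the connection is open to
        # interception; make that visible in CI logs.
        warnings.warn(f"TLS verification disabled for {base_url}", stacklevel=2)
        return False
    if not os.path.isfile(value):
        raise FileNotFoundError(f"CA chain file not found: {value}")
    if count_pem_certs(value) == 0:
        raise ValueError(f"no PEM certificates in {value}")
    return os.path.abspath(value)


# Usage with the real requests API (not imported here so this runs offline):
#   requests.get(url, verify=resolve_verify(url, setting))
```

Failing fast on a missing or empty chain file keeps a CI job from silently falling back to an unverified connection.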

jimklimov commented 1 year ago

Closing since the super-PR was merged.