Skip to content

Disable verification of server cert#22

Merged
ickerwx merged 1 commit intoickerwx:masterfrom
AdrianVollmer:no_verify
Oct 22, 2020
Merged

Disable verification of server cert#22
ickerwx merged 1 commit intoickerwx:masterfrom
AdrianVollmer:no_verify

Conversation

@AdrianVollmer
Copy link
Copy Markdown
Contributor

@AdrianVollmer AdrianVollmer commented Oct 22, 2020

I'm not sure when this happened, because surely we would have noticed this before, but I couldn't connect to a target service with an unverifiable certificate. I suspect it's this:

Changed in version 3.7: verify_mode is now automatically changed to CERT_REQUIRED when hostname checking is enabled and verify_mode is CERT_NONE. Previously the same operation would have failed with a ValueError.

This PR disables certificate verification.

Clearly we don't really care about certificate validation. If you disagree, we could create a new parameter -k like in curl, to disable certificate validation by request and enable it by default.

@ickerwx
Copy link
Copy Markdown
Owner

ickerwx commented Oct 22, 2020

Nah, we don't need a switch for that, I don't see any user of the proxy caring about cert validation. The proxy has enough switches already 😆

@ickerwx ickerwx merged commit 9d46070 into ickerwx:master Oct 22, 2020
@AdrianVollmer AdrianVollmer deleted the no_verify branch October 23, 2020 10:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AdrianVollmer @ickerwx