Project

General

Profile

Actions

Architecture #15513

closed

Make certificate verification in HTTP calls configurable

Added by Alexis Mousset over 4 years ago. Updated almost 2 years ago.

Status:
Released
Priority:
N/A
Category:
Agent
Target version:
Effort required:
Name check:
To do
Fix check:
To do
Regression:

Description

Currently all HTTP calls (reporting, inventory, API, etc.) disable certificate validation.

We can make it configurable based on a system variable, to allow users having a certificate infrastructure in place to verify certificates.

This change needs to be done in both techniques and agent scripts.

The default behaviour needs to stay the current one for compatibility.


Subtasks 4 (0 open4 closed)

Architecture #15514: Make certificate verification in HTTP calls configurable - techniquesReleasedNicolas CHARLESActions
Architecture #15518: Make certificate verification in HTTP calls configurable - ncfReleasedNicolas CHARLESActions
Architecture #15516: Add new system variable for certificate validationRejectedActions
Architecture #15517: scala code for handling the system variable and setting it with APIReleasedVincent MEMBRÉActions

Related issues 3 (0 open3 closed)

Related to Rudder - Architecture #15515: Document how to use an existing X509 PKI to secure Rudder node-server communicationRejectedActions
Has duplicate Rudder - User story #11835: Make curl invocation's ignore certificate configurableRejectedActions
Has duplicate Rudder - User story #9624: Add an option to check server certificate when sending inventoryRejectedActions
Actions

Also available in: Atom PDF