[feature] Allow users to skip http client tls verification for testing purposes (with appropriately loud warnings) (#2052)

2025-06-05 21:59:39 +02:00 · 2023-08-01 19:50:17 +02:00
parent 9bd03e122e
commit 2be83fdca5
10 changed files with 98 additions and 16 deletions
--- a/docs/configuration/httpclient.md
+++ b/docs/configuration/httpclient.md
@@ -53,4 +53,16 @@ http-client:
  # Both allow-ips and block-ips default to an empty array.
  allow-ips: []
  block-ips: []
+
+  # Bool. Disable verification of TLS certificates of remote servers.
+  # With this set to 'true', GoToSocial will not error when a remote
+  # server presents an invalid or self-signed certificate.
+  #
+  # THIS SETTING SHOULD BE USED FOR TESTING ONLY! IF YOU TURN THIS
+  # ON WHILE RUNNING IN PRODUCTION YOU ARE LEAVING YOUR SERVER WIDE
+  # OPEN TO MAN IN THE MIDDLE ATTACKS! DO NOT CHANGE THIS SETTING 
+  # UNLESS YOU KNOW EXACTLY WHAT YOU'RE DOING AND WHY YOU'RE DOING IT.
+  #
+  # Default: false
+  tls-insecure-skip-verify: false
 ```