Do not verify certs when using custom host and default certs#8034
Do not verify certs when using custom host and default certs#8034spalger merged 2 commits intoelastic:masterfrom
Conversation
| this.proxyAgent = new HttpsAgent({ | ||
| ca: readFileSync(cert) | ||
| }); | ||
| const httpsAgentConfig = {}; |
There was a problem hiding this comment.
why didn't HttpAgent API do the sensible thing and call the property allowUnauthorized, and not have a falsy value default to true. ;)
|
LGTM I like how this preserves the default startup behaviour in -dev, but overriding the |
|
I'll check this out on monday, I wanna test it with a couple VMs to make sure all is good! |
|
@spalger I ran But I'm getting a page with the following JSON when I try to access Kibana at the url:
Am I forgetting something? |
8c5bb8e to
5183efd
Compare
|
@Bargs my bad, I forgot that the ssl config is defined via the |
|
It works! 🎆 LGTM - thanks for figuring out a solution to this @spalger, it's going to make IE dev a lot easier |
…rsInDev Do not verify certs when using custom host and default certs Former-commit-id: 19a8738
When running kibana in dev mode, the
basePathProxyis active by default and requires that the hostname matches the hostname embedded in the ssl certificates used. This causes an issue when the--hostcli arg is passed and blocks access to kibana via the proxy.To fix that we disable ssl verification between the basePathProxy and the kibana server when the host is customized but the ssl certs are not (meaning the bundled dev certs will be used).