NJsonSchema icon indicating copy to clipboard operation
NJsonSchema copied to clipboard

Published 20 hours ago verified publisher icon RicoSuter

Ignore invalid https certificates

Open Itori opened this issue 6 years ago • 5 comments

With NSwagStudio, when i try to import a Swagger Specification with an url, i get an error because i'm pointing to a development server, who doesn't have a trusted certificate for ssl.

I wanted to add an option to DynamicApis to allow that, but it's impossible with the dynamic types used there.

Is there a reason not to use Preprocessor directives to choose the right class for each target framework ?

Itori avatar Feb 22 '19 16:02 Itori

Is there a reason not to use Preprocessor directives to choose the right class for each target framework ?

The original idea (from the .NET Standard 1.0/PCL era) was to have the exact same behavior in each target framework... but in this case I think it's ok to only support this for all supporting target frameworks (e.g. netfx, netstandard2.0, core...)

RicoSuter avatar Feb 25 '19 08:02 RicoSuter

Cert check is now disabled in NSwagStudio but when running the same in CLI it will probably fail - because the check is not disabled there: https://github.com/RicoSuter/NSwag/commit/69d5d3730d69b9d89e1d5745506c1f320ebaad3b

RicoSuter avatar Apr 11 '19 17:04 RicoSuter

@RicoSuter any chance this might reach CLI tools?

namtab00 avatar May 15 '20 20:05 namtab00

@Itori As a workaround, are you able to trust the root CA from the development server?

It would seem more secure to allow an additional (list of) CA certificates to be trusted, such as described here: https://www.meziantou.net/custom-certificate-validation-in-dotnet.htm. This may be a little tricky using DynamicApis, but should be possible.

RodneyRichardson avatar Jan 05 '22 17:01 RodneyRichardson

@RicoSuter sorry to necro the thread but it's not working with latest nswagstudio v13.12 image

JustinGrote avatar Oct 24 '23 18:10 JustinGrote