Ocelot
Ocelot copied to clipboard
Ignore remote certificate validation errors if accept any configured
We can not use WebSocket SignalR protocol in Ocelot with self-signed certificate on downstream service side because DownstreamRoute.DangerousAcceptAnyServerCertificateValidator not used to skip ClientWebSocket's remote certificate validation.
Fixes / New Feature #
Proposed Changes
any chance this gets reviewed? Currently in the same situation of needing to connect to a SignalR endpoint via wss with untrusted selfsigned cert at dev time
Some updates about this?
Some updates about this?
we eventually moved to YARP..
@abelevtsov Does YARP has all the features of the Ocelot such as Authentication, Delegation Handler, Header Transform etc?
@PratikPatel-Mtech yes it have:
- https://microsoft.github.io/reverse-proxy/articles/authn-authz.html
- https://microsoft.github.io/reverse-proxy/articles/transforms.html
- https://microsoft.github.io/reverse-proxy/articles/middleware.html
- and much more over
Hey - is this to be fixed? We have the same problem: unable to use SignalR with self-signed dev certificate.
@abelevtsov Hi Aleksandr! What issue is this PR related to?
Please note, Ocelot does not support wss-protocol. So, you cannot use WebSocket Secure vs SignalR. Moreover, SignalR is supported only for legacy HTTP1 pairing. See more here: #1636
@abelevtsov commented on Sep 9, 2022
Sad to hear about this fact, man! 😢
What is the reason of moving to Yarp? Inability to use self-signed certificates for Web Socket client?! Or is there another reason...
Duplicate of #1377
Hey, @abelevtsov @zewa666 @thomaschampagne @PratikPatel-Mtech @alexandis Please, watch for #1377 and enable notifications. Going to close this PR... Hope you will contribute to Ocelot project in coming future. 😉