servers icon indicating copy to clipboard operation
servers copied to clipboard
verified publisher icon modelcontextprotocol

mcp-server-fetch SSL verify Off

Open random-robbie opened this issue 1 year ago • 7 comments

Is your feature request related to a problem? Please describe. I need to fetch some local systems with either self-signed or invalid SSL i.e when using DDEV deployments.

Currently fetch refuses to connect to the DDEV server hosted on the same machine as claude due to SSL issues.

Describe the solution you'd like Id like a flag to enable ignore bad ssl certificates to allow it to communicate with my ddev server.

Describe alternatives you've considered None as proxying would also require a SSL cert issue.

random-robbie avatar Jan 11 '25 07:01 random-robbie

I set up the MCP with the flag ?sslmode=require in the connection string. This normally would tell a postgres client that CA verification is not needed. But the MCP still complains that the certificate is self-signed.

GeertJohan avatar Mar 31 '25 08:03 GeertJohan

I set up the MCP with the flag ?sslmode=require in the connection string. This normally would tell a postgres client that CA verification is not needed. But the MCP still complains that the certificate is self-signed.

Same problem (

Stefs-2142 avatar Apr 02 '25 13:04 Stefs-2142

Same here ...

rlacotte avatar Apr 09 '25 08:04 rlacotte

I was able to workaround this when connecting to an RDS postgres server by specifying the root cert in the connection string:

postgresql://username:password@pghost:5432/db_name?sslmode=allow&sslrootcert=/cert.pem

A list of downloadable certs are here: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html

I downloaded the pem for my region, renamed it as 'cert.pem' and mounted it as /cert.pem in container.

leonowski avatar Apr 25 '25 00:04 leonowski

using sslmode=require&sslrootcert=/path/to/cert.crt I was able to get it to work with digitalocean https://chatgpt.com/share/6828e4e9-f4f8-8007-8c18-8991c7081ed6 https://github.com/modelcontextprotocol/servers/issues/1803#issuecomment-2888551526

Connoropolous avatar May 17 '25 19:05 Connoropolous

open the installation location of the Python library, for example, site-packages\mcp_server_fetch, and modify function in server.py. The function uses httpx, so change the corresponding line to: async with AsyncClient(verify=False) as client: This will disable certificate verification.

MarxICB avatar Jul 02 '25 12:07 MarxICB

if you are using StdioServerParameters and getting the error use server_params = StdioServerParameters( command="npx", args=["-y", "@openbnb/mcp-server-airbnb", "--ignore-robots-txt"], env= { "NODE_TLS_REJECT_UNAUTHORIZED": "0" } ) env= { "NODE_TLS_REJECT_UNAUTHORIZED": "0" } like this

nayannandakumar1698-cloud avatar Dec 01 '25 07:12 nayannandakumar1698-cloud