Kreya icon indicating copy to clipboard operation
Kreya copied to clipboard

Published 20 hours ago verified publisher icon riok

Set enable/disable for server certificate from environment variable

Open renaudjester opened this issue 2 years ago • 2 comments

I work with many environments that I can call: one per git branch + a local one. The problem is that my local environment is http while all my remote ones are https.

Hence, I want to be able to set the "server certificate validation" depending on an environment variable. For example: "enable.server_certificate_validation = false". The point would be to be able to change this value in the settings to call the endpoint but also and most importantly in the importers.

Another solution, that would be closer to how Kreya is done right now, would be to change the importers settings depending on the environment like it is supposed to be with the "Default Settings". However, this function is not working right now for the "Default settings".

Example: Environments:

{
"develop" : {
    "branchName": "develop",
    "prefix": "https://",
    "server_certificate_validation": true,
    },
"local": {
    "branchName": "local",
    "prefix": "http://",
    "server_certificate_validation": false,
    },
}

Expected importer (the feature how I see it):

{
"name" : "my-service-importer",
"endpoint": "{{env.prefix}}my-service-{{env.branchName}}.myendpointaddress.com",
"server-certificate-validation": "{{env.server_certificate_validation}}"
}

renaudjester avatar Jan 12 '23 13:01 renaudjester

Your setup is mostly correct. However, when using a HTTP URL locally, you do not need to disable the certificate validation. Disabling certificate validation is only needed when using HTTPS with a self-signed (or otherwise invalid) server certificate.

If you need to disable the server certificate validation for a specific environment, you can use the Default Settings as described here: https://kreya.app/docs/default-settings/#default-settings-for-a-specific-environment.

The default settings and environment features currently have some bugs (#120 and #123). They are fixed on the alpha release channel (Kreya -> About -> change "release channel" to Alpha -> search for updates).

CommonGuy avatar Jan 12 '23 14:01 CommonGuy

Thanks for your answer :D

You are totally right, I can use local http with the server certificate validation enabled so that's perfect. (I haven't seen it) All right can't wait for the bugs to be corrected then!

I still think that having environment specific importers could be a nice feature.

renaudjester avatar Jan 12 '23 16:01 renaudjester