The request library used to query the server allows to specify several client options. Some of them are related to the client certificate, the self-signed certificate validation and others.
It is possible to make this option configurable from the hook script or from the command line?
In order to use your applicaiton with a http server with self signed certificate I added this line in the file lib/transaction-runner.js:
88: return function() {
89: if (_this.hookHandlerError) {
90: return callback(_this.hookHandlerError);
91: }
-> if(hooks.configuration) _this.configuration.http = hooks.configuration.http;
92: return async.timesSeries(transactions.length, function(transactionIndex, iterationCallback) {
93: transaction = transactions[transactionIndex];
94: logger.verbose("Processing transaction #" + (transactionIndex + 1) + ":", transaction.name);
95: logger.verbose('Running \'beforeEach\' hooks');
With this change I can now configure the request library options from my hook file:
...
hooks.beforeAll(function (transactions, done) {
// Allow server self-signed certificates
hooks.configuration.http.rejectUnauthorized = false;
// Set client certificate
hooks.configuration.http.cert = fs.readFileSync(certFile);
hooks.configuration.http.key = fs.readFileSync(keyFile);
done();
});
...
I would be quite cautious exposing the whole options, but from the description I understand you need it primarily for testing an API with complex SSL setup - certs, keys, etc. This would be related to https://github.com/apiaryio/dredd/issues/323. Let me rename your issue to "Support SSL certificates".
Yes, you are right about the exposing of the whole options object.
I have done this only to have access to the SSL setup using one line of code.
I just added this.configuration.http.rejectUnauthorized = false, in the following code block, to dredd.js and that unblocked me. Figured I'd drop this in here for others running into this challenge.
// This is here only because there there is no way how to spy a constructor in CoffeScript
init(config) {
this.configuration = applyConfiguration(config);
this.configuration.http = {};
this.configuration.http.rejectUnauthorized = false
this.tests = [];
this.stats = {
You don鈥檛 need change code, just set env variable as dirty hack.
process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = 0;
Most helpful comment
You don鈥檛 need change code, just set env variable as dirty hack.