Skip to content

add global option to disable TLS validation #755

New issue
New issue
Open
Open
add global option to disable TLS validation#755
Labels
component/ocm-cliOCM Command Line Interfacekind/featurenew feature, enhancement, improvement, extensionlifecycle/staleNobody worked on this for 6 months (will further age)
@ccwienk

Description

@ccwienk
ccwienk
opened on Apr 30, 2024

What would you like to be added

Add a (global) flag to disable TLS validation for OCM-CLI's commands. Inspired by curl, the flag might be named --insecure, but any name will do.

Why is this needed

For development purposes, there may be cases where no valid certificate is available in a testing environment (e.g. if using a self-signed certificate). Having the option to disable TLS validation will be handy in such cases.

One might also consider productive scenarios, where, through a misconfiguration, TLS validation fails, and OCM-CLI is needed to perform urgent tasks that would otherwise be blocked by TLS validation issues.

Admittedly, those are exceptional and corner-cases. However, most other tooling supports explicit disabling of TLS validation, including e.g. package-managers (apt, apk, pacman), HTTP-APIs for all programming languages, HTTP-tools, such as curl or wget, ... - even security-aware tools such as ssh offer disabling of checks / unsafe mode of operation.

Metadata

Metadata

Assignees

No one assigned

    Labels

    component/ocm-cliOCM Command Line Interfacekind/featurenew feature, enhancement, improvement, extensionlifecycle/staleNobody worked on this for 6 months (will further age)

    Type

    No type

    Projects

    OCM Backlog Board

    Status

    🆕 ToDo

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions