HTTPS prevents marksman agent to communicate with Snipe-IT server

[brunotvaz]

Hi Guys,

1st let me CONGRATULATE all of you for your hard work and dedication to this project. THANK YOU !!
In relation to this particular issue: "Could not establish trust relationship for the SSL/TLS secure channel":

Is it possible to "allow" self-signed certificates or somehow bypass the "ssl check" ?

Maybe this will help ???!
https://dejanstojanovic.net/aspnet/2014/september/bypass-ssl-certificate-validation/

Many thanks in advance.

[brunotvaz]

My Snipe-IT server uses LDAP to "communicate" with my Active Directory Domain.
For obvious reasons I do NOT want to allow unencrypted communications hence the use of SSL certificates.
Please help me sort this issue so I can use this agent in a "production environment".

[velaar]

@brunotvaz

I wonder if you have considered establishing proper chain of certificates and trust the snipe-it server or just getting a 3rd party certificate trusted by windows. Making a certificate locally trusted should also resolve the issue, while it is an incorrect solution unless you have a local CA.

[brunotvaz]

Hi velaar,

Many thanks for your reply.
I understand what you are saying but this is an internal server that doesn't have "exposure" to the internet.
I could potentially open port 443 and forward it to the Snipe-IT server and then use Let'sEncrypt to generate a valid certificate.
But that's exactly what I don't want to do since that would expose the server to the internet.
I'll have a look into "updating" the self-signed certificate (that is currently on that server) to see if I can overcome the issue somehow.
Again thank you for your assistance ;)