You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While testing the proxy support in the plugin with mitmproxy we've noticed that the REST client does not fallback to the OS trusted certificates if it can't find anything in the JVM's default keystore.
Mitmproxy uses self-signed certificates, and it's usually simpler to add the certificate required to the operating system's certificate trust store rather than Toolbox JVM's default keystore. However, by default, JVM-based applications use only the JVM's default keystore, which means connecting to servers will fail due to not trusting the certificate presented.
Ideally, the plugin cascades in the following order:
JVM's default keystore
Coder configured CA (available in the Settings page under TLS section)
OS trusted keystore
The text was updated successfully, but these errors were encountered:
While testing the proxy support in the plugin with mitmproxy we've noticed that the REST client does not fallback to the OS trusted certificates if it can't find anything in the JVM's default keystore.
Mitmproxy uses self-signed certificates, and it's usually simpler to add the certificate required to the operating system's certificate trust store rather than Toolbox JVM's default keystore. However, by default, JVM-based applications use only the JVM's default keystore, which means connecting to servers will fail due to not trusting the certificate presented.
Ideally, the plugin cascades in the following order:
The text was updated successfully, but these errors were encountered: