Question
· Apr 6, 2022

VSCode & ObjectScript extension: Trusting self-signed certificates

Hello,

Recently I have been tinkering with VSCode and ObjectScript extension to connect to my dockerized IRIS instance. I have configured the instance to use Apache as a Web Gateway as per instructions and it has been working well. Currently I'm using a self-signed certificate for the SSL part of the connection. The browser nags about insecure certs when connecting to Management Portal but that's expected. 

However when I try to connect to the instance with VSCode it simply fails with the following error message

Invoking the Atelier API with a REST Client (Insecure = true) the API responds 200 OK with a bunch of JSON about the instance.

I tried to look through the extension settings but can't find any setting that could declare a specific connection insecure. Is there a possibility to tell the extension to not verify SSL certs for a given server connection? Surely others have encountered this error before and there is a trivial solution for this but I can't seem to find it.

Any ideas how to solve this?

Thanks,
Kari

Discussion (11)3
Log in or sign up to continue

Nope, does not make any difference. I checked out the extensions code and I suspect (I might be wrong) that the issue is here:

https://github.com/intersystems-community/vscode-objectscript/blob/maste... Line 289

    const agent = new http.Agent({
      keepAlive: true,
      maxSockets: 10,
      rejectUnauthorized: https && config("http.proxyStrictSSL"),
    });

rejectUnauthorized is going to be true if the scheme is using HTTPS (which I am). If that is the issue, it would be great if this parameter could be overwritten with some general setting provided by the extension for example "Allow Insecure connections".

That was fast!

I downloaded the extension and tested it. It works. 

I removed the objectscript.http.proxyStrictSSLproperty and set proxyStrictSSL to true -> connection failed as expected: VSCode notified that the server is using a self-signed cert. Next, I set proxyStrictSSLto false and tried to reconnect -> connection ok and VSCode prompted me to choose the namespace I want. 

Thank you for your effort, it seems like your change works as expected.

//Kari

I am having this same problem and I am using the latest extension. 

I added the 

"http.proxyStrictSSL": false

to the User settings.json , which is the same as

But still getting the error: 
 

Check your server details in Settings (vgorillaaws[VGORILLA]).

request to https://ec2-x.x.x.x.us-east-2.compute.amazonaws.com/api/atelier/ failed, reason: self signed certificate

I am using [2.5.0] - 2024-05-02 InterSystems Language Server