Skip to content

Commit ffe8e2d

Browse files
Add HttpClientIgnoreCertificateErrors config support for CI/CD testing
Co-authored-by: StuartFerguson <16325469+StuartFerguson@users.noreply.github.com>
1 parent e09577f commit ffe8e2d

2 files changed

Lines changed: 14 additions & 1 deletion

File tree

EstateManagementUI.BlazorServer/Program.cs

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -86,13 +86,25 @@
8686
var authority = builder.Configuration["Authentication:Authority"];
8787
var securityServiceLocalPort = builder.Configuration["AppSettings:SecurityServiceLocalPort"];
8888
var securityServicePort = builder.Configuration["AppSettings:SecurityServicePort"];
89+
var httpClientIgnoreCertificateErrors = builder.Configuration.GetValue<bool>("AppSettings:HttpClientIgnoreCertificateErrors", false);
8990

9091
// Use helper method to get adjusted addresses for integration testing
9192
var (authorityAddress, issuerAddress) = AuthenticationHelpers.GetSecurityServiceAddresses(
9293
authority,
9394
securityServiceLocalPort,
9495
securityServicePort);
9596

97+
// Configure certificate validation bypass for CI/CD testing
98+
if (httpClientIgnoreCertificateErrors)
99+
{
100+
Console.WriteLine("WARNING: Certificate validation is disabled for HttpClient backchannel communication");
101+
var handler = new HttpClientHandler
102+
{
103+
ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
104+
};
105+
options.BackchannelHttpHandler = handler;
106+
}
107+
96108
// Configure OpenID Connect settings
97109
options.Authority = authorityAddress;
98110
options.ClientId = builder.Configuration["Authentication:ClientId"];

EstateManagementUI.BlazorServer/appsettings.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,8 @@
88
"AllowedHosts": "*",
99
"AppSettings": {
1010
"SecurityServiceLocalPort": null,
11-
"SecurityServicePort": null
11+
"SecurityServicePort": null,
12+
"HttpClientIgnoreCertificateErrors": false
1213
},
1314
"Authentication": {
1415
"Authority": "https://localhost:5001",

0 commit comments

Comments
 (0)