Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-19 05:19:39 +02:00
Code Issues Releases Activity

fix(tls): set insecureSkipVerify to false in FIPS mode [BE-11932] (#849)

Browse source
This commit is contained in:
Devon Steenberg 2025-07-04 10:48:54 +12:00 committed by GitHub
parent 1332f718ae
commit 8ffe4e284a
2 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
api/cmd/portainer/main.go
View file

@ -383,7 +383,8 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
gitService := git.NewService(shutdownCtx) gitService := git.NewService(shutdownCtx)
openAMTService := openamt.NewService() // Setting insecureSkipVerify to true to preserve the old behaviour.
openAMTService := openamt.NewService(true)
cryptoService := &crypto.Service{} cryptoService := &crypto.Service{}

4
api/hostmanagement/openamt/openamt.go
View file

@ -32,9 +32,9 @@ type Service struct {
} }
// NewService initializes a new service. // NewService initializes a new service.
func NewService() *Service { func NewService(insecureSkipVerify bool) *Service {
tlsConfig := crypto.CreateTLSConfiguration() tlsConfig := crypto.CreateTLSConfiguration()
tlsConfig.InsecureSkipVerify = true tlsConfig.InsecureSkipVerify = insecureSkipVerify
return &Service{ return &Service{
httpsClient: &http.Client{ httpsClient: &http.Client{