Skip to content

Commit 44f4f08

Browse files
corybcoryb
authored
feat: add coder.tlsAltHost option (#398)
1 parent d4ccfa7 commit 44f4f08

File tree

2 files changed

+9
-1
lines changed

2 files changed

+9
-1
lines changed

package.json

+5
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,11 @@
8888
"type": "string",
8989
"default": ""
9090
},
91+
"coder.tlsAltHost": {
92+
"markdownDescription": "Alternative hostname to use for TLS verification. This is useful when the hostname in the certificate does not match the hostname used to connect.",
93+
"type": "string",
94+
"default": ""
95+
},
9196
"coder.proxyLogDirectory": {
9297
"markdownDescription": "If set, the Coder CLI will output extra SSH information into this directory, which can be helpful for debugging connectivity issues.",
9398
"type": "string",

src/api.ts

+4-1
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@ async function createHttpAgent(): Promise<ProxyAgent> {
3131
const certFile = expandPath(String(cfg.get("coder.tlsCertFile") ?? "").trim())
3232
const keyFile = expandPath(String(cfg.get("coder.tlsKeyFile") ?? "").trim())
3333
const caFile = expandPath(String(cfg.get("coder.tlsCaFile") ?? "").trim())
34+
const altHost = expandPath(String(cfg.get("coder.tlsAltHost") ?? "").trim())
3435

3536
return new ProxyAgent({
3637
// Called each time a request is made.
@@ -41,6 +42,7 @@ async function createHttpAgent(): Promise<ProxyAgent> {
4142
cert: certFile === "" ? undefined : await fs.readFile(certFile),
4243
key: keyFile === "" ? undefined : await fs.readFile(keyFile),
4344
ca: caFile === "" ? undefined : await fs.readFile(caFile),
45+
servername: altHost === "" ? undefined : altHost,
4446
// rejectUnauthorized defaults to true, so we need to explicitly set it to
4547
// false if we want to allow self-signed certificates.
4648
rejectUnauthorized: !insecure,
@@ -66,7 +68,8 @@ async function getHttpAgent(): Promise<ProxyAgent> {
6668
e.affectsConfiguration("coder.insecure") ||
6769
e.affectsConfiguration("coder.tlsCertFile") ||
6870
e.affectsConfiguration("coder.tlsKeyFile") ||
69-
e.affectsConfiguration("coder.tlsCaFile")
71+
e.affectsConfiguration("coder.tlsCaFile") ||
72+
e.affectsConfiguration("coder.tlsAltHost")
7073
) {
7174
agent = createHttpAgent()
7275
}

0 commit comments

Comments
 (0)