Menu
Swagger UI refuses to make a request to https with self signed certificate.
The problem is next:
curl -X POST "https://localhost:8088/Authenticate" -H "accept: pplication/json" -H "Content-Type: application/json" -d "{ \"username\":"user\", \"password\": \"user\"}"
Above command is generated by swagger automatically and after run it returns :
TypeError: Failed to fetch
Manually (not using Swagger UI) run returns :
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
I want to make it like next (add --insecure parameter):
curl -X POST "https://localhost:8088/Authenticate" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"username\": \"user\", \"password\": \"user\"}" --insecure
This will allow me to perform a desired request. Is there a way to add custom parameters to autogenerated Swagger curl? Thanks.
838
cURL, which stands for client URL, is a command line tool that developers use to transfer data to and from a server. At the most fundamental, cURL lets you talk to a server by specifying the location (in the form of a URL) and the data you want to send.
Firstly, the cURL command is for display and copy-pasting only. Swagger UI does not actually use cURL for requests – it's a web page so it makes requests using JavaScript (fetch API or XMLHttpRequest or similar).
As explained here, Swagger UI does not support self-signed certificates (emphasis mine):
It appears you have a problem with your certificate. There's no way for Swagger-UI (or any in-browser application) to bypass the certificate verification process built into the browser, for security reasons that are out of our control.
It looks like you have a self-signed certificate. You'll want to look into how to get your computer to trust your certificate, here's a guide for Google Chrome, which it looks like you're using:
Getting Chrome to accept self-signed localhost certificate
So if you want to use Swagger UI to test a server that uses a self-signed certificate, you'll need to configure your browser (or your computer) to trust that certificate. Check out these questions for suggestions:
Chrome: Getting Chrome to accept self-signed localhost certificate
Firefox: Is there a way to make Firefox ignore invalid ssl-certificates?
Is there a way to add custom parameters to autogenerated Swagger curl?
The code to generate the cURL command lives here:
https://github.com/swagger-api/swagger-ui/blob/master/src/core/curlify.js
You can fork Swagger UI and tweak the code as your needs dictate.
But as explained above – changing the displayed cURL command won't change the actual "try it out" behavior, because "try it out" cannot bypass certificate validation.
149
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
