Add ssl_verify config option to fix certificate errors

Raw OpenSSL sockets don't find the system CA bundle the same way Net::HTTP
does. ssl_verify (default: true) is now a config setting that applies to
both HTTP REST calls and WebSocket connections. Set via `portainer-cli configure`.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-03-22 13:07:07 +01:00
parent a1015366a9
commit c59deca51e
6 changed files with 20 additions and 12 deletions
+5
View File
@@ -32,6 +32,11 @@ module PortainerCli
@config.api_key = prompt_secret("API key", @config.api_key)
end
puts
current_verify = @config.ssl_verify.nil? ? true : @config.ssl_verify
verify_choice = prompt("Verify SSL certificates? [y/n]", current_verify ? "y" : "n")
@config.ssl_verify = (verify_choice.downcase != "n")
@config.save
puts
puts green("Configuration saved to #{Config::CONFIG_FILE}")
+1 -1
View File
@@ -42,7 +42,7 @@ module PortainerCli
send_resize(endpoint_id, exec_id) if $stdout.tty?
trap('SIGWINCH') { send_resize(endpoint_id, exec_id) } if $stdout.tty?
WebsocketExec.new(ws_url, @config.auth_header).run
WebsocketExec.new(ws_url, @config.auth_header, ssl_verify: @config.ssl_verify).run
$stderr.puts dim("\r\nSession ended.")
rescue PortainerCli::Client::ApiError => e
+1 -1
View File
@@ -36,7 +36,7 @@ module PortainerCli
send_resize(endpoint_id, exec_id) if $stdout.tty?
trap('SIGWINCH') { send_resize(endpoint_id, exec_id) } if $stdout.tty?
WebsocketExec.new(ws_url, @config.auth_header).run
WebsocketExec.new(ws_url, @config.auth_header, ssl_verify: @config.ssl_verify).run
$stderr.puts dim("\r\nSession ended.")
rescue PortainerCli::Client::ApiError => e