Skip to content

feat(forge): add flag to disable HTTPS certificate validation for RPC #11960

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
mirokuratczyk wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

feat(forge): add flag to disable HTTPS certificate validation for RPC #11960

mirokuratczyk wants to merge 2 commits into from

Conversation

@mirokuratczyk
Copy link

@mirokuratczyk mirokuratczyk commented Oct 3, 2025

Motivation

Resolve #11907 (comment).

Solution

  • Add --insecure/-k flag to forge script which toggles ignoring invalid certs (e.g., self-signed)

I'm not sure this PR handles all possible codepaths as new providers are built in many different places and each needs to be configured with .accept_invalid_certs(bool).

PR Checklist

  • Added Tests
  • Added Documentation
  • Breaking changes
@mirokuratczyk mirokuratczyk mentioned this pull request Oct 3, 2025
Open
mablr
mablr reviewed Oct 3, 2025
View reviewed changes
Copy link
Contributor

@mablr mablr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, but I guess it would be actually cleaner to build the provider using :

foundry/crates/cli/src/utils/mod.rs

Lines 102 to 106 in c646b88

/// Returns a [RetryProvider] instantiated using [Config]'s
/// RPC
pub fn get_provider(config: &Config) -> Result<RetryProvider> {
get_provider_builder(config)?.build()
}

this would retrieve eth_rpc_accept_invalid_certs key from the config directly.

This actually confirms the need for a refactor of the RpcOpts/EvmArgs common fields. So I'll open a dedicated issue to get feedback from the project team.
@mablr mablr mentioned this pull request Oct 5, 2025
Open
@mirokuratczyk
Copy link
Author

mirokuratczyk commented Oct 8, 2025

I pushed an update that uses get_provider as suggested. Seems to be working with --insecure.

Sounds like we'll wait for #11964 to be merged first though and go from there.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@mirokuratczyk @mablr