Hi,
I’m writing a package to wrap a REST API using HTTP.jl and want to use a simple Julia local server for testing. Since all the REST calls use HTTPS I’ve generated a self-signed certificate for this test server but, of course, by default this isn’t recognised as valid when I query the server.
My preferred option would be if I could temporarily turn off certificate validation in HTTP.jl along the lines of
TestServer.start()
HTTP.set_certificate_validation(false)
@test MyPkg.fn1()
@test MyPkg.fn2()
...
HTTP.set_certificate_validation(true)
TestServer.stop()
I know about HTTP.request(...; require_ssl_verification=false) but that would require adding a testing setting in the code to turn off security which seems … bad? And adds a feature purely used for testing.
Failing this, is there a way to add my self-signed certificate / authority to wherever MbedTLS.jl looks for verification? Can this be done programatically during testing? ie something like MbedTLS.add_certificate_authority(my_self_signed) in the setup above?
I’ve tried looking at the docs for HTTP.jl / MbedTLS and can’t find anything so any pointers to documentation / advice on how to do this better is greatly appreciated