Skip to content

feat(forge): add flag to disable HTTPS certificate validation for RPC #11960

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

feat(forge): add flag to disable HTTPS certificate validation for RPC #11960

wants to merge 2 commits into from

Conversation

@mirokuratczyk
Copy link

Motivation

Resolve #11907 (comment).

Solution

  • Add --insecure/-k flag to forge script which toggles ignoring invalid certs (e.g., self-signed)

I'm not sure this PR handles all possible codepaths as new providers are built in many different places and each needs to be configured with .accept_invalid_certs(bool).

PR Checklist

  • Added Tests
  • Added Documentation
  • Breaking changes

@mirokuratczyk mirokuratczyk mentioned this pull request Oct 3, 2025
Open
mablr
mablr reviewed Oct 3, 2025
View reviewed changes
Copy link
Contributor

@mablr mablr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, but I guess it would be actually cleaner to build the provider using :

foundry/crates/cli/src/utils/mod.rs

Lines 102 to 106 in c646b88

/// Returns a [RetryProvider] instantiated using [Config]'s
/// RPC
pub fn get_provider(config: &Config) -> Result<RetryProvider> {
get_provider_builder(config)?.build()
}

this would retrieve eth_rpc_accept_invalid_certs key from the config directly.

This actually confirms the need for a refactor of the RpcOpts/EvmArgs common fields. So I'll open a dedicated issue to get feedback from the project team.

@mablr mablr mentioned this pull request Oct 5, 2025
Open
@mirokuratczyk
Copy link
Author

I pushed an update that uses get_provider as suggested. Seems to be working with --insecure.

Sounds like we'll wait for #11964 to be merged first though and go from there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DaniPopes DaniPopes Awaiting requested review from DaniPopes DaniPopes will be requested when the pull request is marked ready for review DaniPopes is a code owner

@mattsse mattsse Awaiting requested review from mattsse mattsse will be requested when the pull request is marked ready for review mattsse is a code owner

@grandizzy grandizzy Awaiting requested review from grandizzy grandizzy will be requested when the pull request is marked ready for review grandizzy is a code owner

@zerosnacks zerosnacks Awaiting requested review from zerosnacks zerosnacks will be requested when the pull request is marked ready for review zerosnacks is a code owner

@onbjerg onbjerg Awaiting requested review from onbjerg onbjerg will be requested when the pull request is marked ready for review onbjerg is a code owner

@0xrusowsky 0xrusowsky Awaiting requested review from 0xrusowsky 0xrusowsky will be requested when the pull request is marked ready for review 0xrusowsky is a code owner

1 more reviewer

@mablr mablr mablr left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

Foundry
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat(forge script): add flag to disable HTTPS certificate validation for RPC

2 participants

@mirokuratczyk @mablr