Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opt-out of "HTTPs everywhere" : add an allowInsecureConnections property in NuGet.Config #12786

Closed
heng-liu opened this issue Aug 1, 2023 · 3 comments · Fixed by NuGet/NuGet.Client#5343
Closed

Opt-out of "HTTPs everywhere" : add an allowInsecureConnections property in NuGet.Config #12786

heng-liu opened this issue Aug 1, 2023 · 3 comments · Fixed by NuGet/NuGet.Client#5343
Assignees
@heng-liu
Labels
Area:Settings NuGet.Config and related issues Type:DCR Design Change Request
Milestone
6.8

Comments

@heng-liu
Copy link
Contributor

heng-liu commented Aug 1, 2023
edited
Loading

We need to add an allowInsecureConnections property into packageSources section in NuGet.Config files, as below:

<!-- Allows insecure connections on a specific http source -->
<packageSources>
    <add key="Contoso" value="http://contoso.com/packages/" allowInsecureConnections="true" />
</packageSources>

Spec: https://github.com/NuGet/Home/blob/dev/proposed/2023/InsecureConnectionsDisableCertificateValidation.md#package-source-nuget-config
@heng-liu heng-liu added Type:DCR Design Change Request Area:Settings NuGet.Config and related issues labels Aug 1, 2023
@heng-liu heng-liu self-assigned this Aug 1, 2023
@heng-liu heng-liu mentioned this issue Aug 1, 2023
Closed
8 tasks
@aortiz-msft aortiz-msft mentioned this issue Aug 2, 2023
Open
@heng-liu heng-liu added the Category:Quality Week Issues that should be considered for quality week label Aug 3, 2023
@heng-liu heng-liu mentioned this issue Aug 3, 2023
Merged
8 tasks
@heng-liu heng-liu removed the Category:Quality Week Issues that should be considered for quality week label Aug 10, 2023
@heng-liu heng-liu changed the title Opt-out of "HTTP warning/error" : add an allowInsecureConnections property in NuGet.Config Opt-out of "HTTPs everywhere" : add an allowInsecureConnections property in NuGet.Config Aug 17, 2023
@0xced
Copy link

0xced commented Aug 29, 2023

Along with this change I think a new --allowInsecureConnections option should be added to the dotnet nuget add source command.

dotnet nuget add source http://contoso.com/packages/ --name Contoso --allowInsecureConnections

should add the following source in the NuGet.config file:

<add key="Contoso" value="http://contoso.com/packages/" allowInsecureConnections="true" />

@KalleOlaviNiemitalo KalleOlaviNiemitalo mentioned this issue Oct 4, 2023
Closed
@zivkan zivkan mentioned this issue Oct 17, 2023
Closed
@nkolev92 nkolev92 added this to the 6.8 milestone Oct 31, 2023
@kaatula
Copy link

kaatula commented Jan 17, 2024

Along with this change I think a new --allowInsecureConnections option should be added to the dotnet nuget add source command.

dotnet nuget add source http://contoso.com/packages/ --name Contoso --allowInsecureConnections

Has the team considered this suggestion?

I need this command-line argument for my docker build pipeline.

@yadickson
Copy link

Hello

Maybe also add this options for the next command line:

nuget setapikey xxx -source http://yyy/repository --allowInsecureConnections

Best regards

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@heng-liu heng-liu

Labels
Area:Settings NuGet.Config and related issues Type:DCR Design Change Request
Projects
None yet
Milestone
6.8
Development

Successfully merging a pull request may close this issue.

Add an allowInsecureConnections property in NuGet.Config NuGet/NuGet.Client
5 participants
@0xced @kaatula @nkolev92 @yadickson @heng-liu