oAuth / openID with skip-tls-verify

[inthuriel]

Is it possibe to use oauth with openidConnect provider alongside with skip-tls-verify option?
We have openID provider with self-signed SSL and gitea isn't able to connect to it

2021/07/08 13:22:02 main.go:117:main() [F] Failed to run app with [gitea admin auth update-oauth --id 1 --auto-discover-url [url] --key [app] --name oAuth --provider openidConnect --secret [secret]]: models.SetEngine: Failed to connect to database: Unknown database type: 

[noerw]

That's currently not supported as far as I can tell.
I'm also not sure skipping TLS verification is a good idea for an auth provider.
You could instead try to add your local CA used to create the self signed cert to the trust store on the system gitea is running on.

[zeripath]

Add your certificate to a copy of the root certs file and set SSL_CERT_FILE to the new file.

See: https://pkg.go.dev/crypto/x509@go1.16.6#SystemCertPool

and

https://cs.opensource.google/go/go/+/refs/tags/go1.16.6:src/crypto/x509/root_linux.go

(On linux that is. On windows and mac you need to add the new RootCA to the system pool.)

[zeripath]

If we were to provide an option to set the trusted CAs users would have to provide a file containing all root CAs.