Skip to content

feat(forge): add flag to disable HTTPS certificate validation for RPC #11960

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

feat(forge): add flag to disable HTTPS certificate validation for RPC #11960

wants to merge 1 commit into from

Conversation

mirokuratczyk
Copy link

Motivation

Resolve #11907 (comment).

Solution

  • Add --insecure/-k flag to forge script which toggles ignoring invalid certs (e.g., self-signed)

I'm not sure this PR handles all possible codepaths as new providers are built in many different places and each needs to be configured with .accept_invalid_certs(bool).

PR Checklist

  • Added Tests
  • Added Documentation
  • Breaking changes

@mirokuratczyk mirokuratczyk mentioned this pull request Oct 3, 2025
Open
mablr
mablr reviewed Oct 3, 2025
View reviewed changes
Copy link
Contributor

@mablr mablr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, but I guess it would be actually cleaner to build the provider using :

foundry/crates/cli/src/utils/mod.rs

Lines 102 to 106 in c646b88

/// Returns a [RetryProvider] instantiated using [Config]'s
/// RPC
pub fn get_provider(config: &Config) -> Result<RetryProvider> {
get_provider_builder(config)?.build()
}

this would retrieve eth_rpc_accept_invalid_certs key from the config directly.

This actually confirms the need for a refactor of the RpcOpts/EvmArgs common fields. So I'll open a dedicated issue to get feedback from the project team.

crates/common/src/provider/mod.rs
#[track_caller]
pub fn get_http_provider(builder: impl AsRef<str>) -> RetryProvider {
try_get_http_provider(builder).unwrap()
pub fn get_http_provider(builder: impl AsRef<str>, accept_invalid_certs: bool) -> RetryProvider {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should not be there

crates/evm/core/src/backend/mod.rs
let Some(endpoint) = ENDPOINT else { return };

let provider = get_http_provider(endpoint);
let provider = get_http_provider(endpoint, false);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DaniPopes DaniPopes Awaiting requested review from DaniPopes DaniPopes will be requested when the pull request is marked ready for review DaniPopes is a code owner

@mattsse mattsse Awaiting requested review from mattsse mattsse will be requested when the pull request is marked ready for review mattsse is a code owner

@grandizzy grandizzy Awaiting requested review from grandizzy grandizzy will be requested when the pull request is marked ready for review grandizzy is a code owner

@yash-atreya yash-atreya Awaiting requested review from yash-atreya yash-atreya will be requested when the pull request is marked ready for review yash-atreya is a code owner

@zerosnacks zerosnacks Awaiting requested review from zerosnacks zerosnacks will be requested when the pull request is marked ready for review zerosnacks is a code owner

@onbjerg onbjerg Awaiting requested review from onbjerg onbjerg will be requested when the pull request is marked ready for review onbjerg is a code owner

@0xrusowsky 0xrusowsky Awaiting requested review from 0xrusowsky 0xrusowsky will be requested when the pull request is marked ready for review 0xrusowsky is a code owner

1 more reviewer

@mablr mablr mablr left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
Foundry
Status: No status
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat(forge): add flag to disable HTTPS certificate validation for RPC
2 participants
@mirokuratczyk @mablr