2
2
Fork
You've already forked api-scripts
3

self signed cert support / localhost #21

Closed
opened 2024年10月27日 23:18:28 +01:00 by vmario89 · 2 comments

Hi,
for an unsecure deployment a.t.m i had to reconcile the following part of bookstack-sitemap-generator to avoid throwing exception of the script:

 $opts = [
		'http' => [
			'header' => "Authorization: Token {$clientId}:{$clientSecret}"
		],
		'ssl' => [ 
			'verify_peer' => false, 
			'allow_self_signed'=> true ]
		];

maybe its worth to add this as export BS_INSECURE or similar, to allow requests to untrusted certs

Hi, for an unsecure deployment a.t.m i had to reconcile the following part of **bookstack-sitemap-generator** to avoid throwing exception of the script: ``` $opts = [ 'http' => [ 'header' => "Authorization: Token {$clientId}:{$clientSecret}" ], 'ssl' => [ 'verify_peer' => false, 'allow_self_signed'=> true ] ]; ``` maybe its worth to add this as export BS_INSECURE or similar, to allow requests to untrusted certs

furthermore it might help to add some hints to readme to have a dedicated sitemap-generator user which only created stuff of public visibility:

_First, we create a dedicated user sitemap-generator + role sitemap-generator. This user only sees the pages that are public and should also be included in the sitemap. The user receives a secure password and active 2FA protection. We also activate the sitemap-generator-api-token API token for the user via the admin account. We also set the following read permissions for the user, including the System access API authorization.

furthermore it might help to add some hints to readme to have a dedicated sitemap-generator user which only created stuff of public visibility: _First, we create a dedicated user `sitemap-generator` + role `sitemap-generator`. This user only sees the pages that are public and should also be included in the sitemap. The user receives a secure password and active 2FA protection. We also activate the `sitemap-generator-api-token` API token for the user via the admin account. We also set the following read permissions for the user, including the `System access API `authorization.
Owner
Copy link

Hi @vmario89,
These scripts are supposed to be simple jumping off points to be taken & modified as desired, I'm not really looking to expand them to account for environment specific edge cases, or document full steps for all possible considerations, we already have a note in the readme to advise the access will be that of the API user.

Hi @vmario89, These scripts are supposed to be simple jumping off points to be taken & modified as desired, I'm not really looking to expand them to account for environment specific edge cases, or document full steps for all possible considerations, we already have a note in the readme to advise the access will be that of the API user.
Sign in to join this conversation.
No Branch/Tag specified
main
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
bookstack/api-scripts#21
Reference in a new issue
bookstack/api-scripts
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?