feat(updater): allow accepting invalid TLS certs/hostnames via config (#3057)

christian-leingang · FabianLars · web-flow · commit fa601e8754d0 · 2025-11-24T14:56:59.000+01:00
Co-authored-by: Fabian-Lars &lt;github@fabianlars.de&gt;
diff --git a/.changes/updater-allow-invalid-tls.md b/.changes/updater-allow-invalid-tls.md
@@ -0,0 +1,6 @@
+---
+"updater": minor
+"updater-js": minor
+---
+
+Allow configuring the updater client to accept invalid TLS certificates and hostnames for internal/self-signed update servers. These options are available via the plugin config (`dangerousAcceptInvalidCerts`, `dangerousAcceptInvalidHostnames`) and via the `UpdaterBuilder` (`dangerous_accept_invalid_certs`, `dangerous_accept_invalid_hostnames`).
diff --git a/plugins/updater/src/config.rs b/plugins/updater/src/config.rs
@@ -91,6 +91,10 @@ where
 pub struct Config {
     /// Dangerously allow using insecure transport protocols for update endpoints.
     pub dangerous_insecure_transport_protocol: bool,
+    /// Dangerously accept invalid TLS certificates for update requests.
+    pub dangerous_accept_invalid_certs: bool,
+    /// Dangerously accept invalid hostnames for TLS certificates for update requests.
+    pub dangerous_accept_invalid_hostnames: bool,
     /// Updater endpoints.
     pub endpoints: Vec<Url>,
     /// Signature public key.
@@ -109,6 +113,10 @@ impl<'de> Deserialize<'de> for Config {
         pub struct Config {
             #[serde(default, alias = "dangerous-insecure-transport-protocol")]
             pub dangerous_insecure_transport_protocol: bool,
+            #[serde(default, alias = "dangerous-accept-invalid-certs")]
+            pub dangerous_accept_invalid_certs: bool,
+            #[serde(default, alias = "dangerous-accept-invalid-hostnames")]
+            pub dangerous_accept_invalid_hostnames: bool,
             #[serde(default)]
             pub endpoints: Vec<Url>,
             pub pubkey: String,
@@ -125,6 +133,8 @@ impl<'de> Deserialize<'de> for Config {
 
         Ok(Self {
             dangerous_insecure_transport_protocol: config.dangerous_insecure_transport_protocol,
+            dangerous_accept_invalid_certs: config.dangerous_accept_invalid_certs,
+            dangerous_accept_invalid_hostnames: config.dangerous_accept_invalid_hostnames,
             endpoints: config.endpoints,
             pubkey: config.pubkey,
             windows: config.windows,
diff --git a/plugins/updater/src/updater.rs b/plugins/updater/src/updater.rs
@@ -433,6 +433,12 @@ impl Updater {
             log::debug!("checking for updates {url}");
 
             let mut request = ClientBuilder::new().user_agent(UPDATER_USER_AGENT);
+            if self.config.dangerous_accept_invalid_certs {
+                request = request.danger_accept_invalid_certs(true);
+            }
+            if self.config.dangerous_accept_invalid_hostnames {
+                request = request.danger_accept_invalid_hostnames(true);
+            }
             if let Some(timeout) = self.timeout {
                 request = request.timeout(timeout);
             }
@@ -633,6 +639,12 @@ impl Update {
         }
 
         let mut request = ClientBuilder::new().user_agent(UPDATER_USER_AGENT);
+        if self.config.dangerous_accept_invalid_certs {
+            request = request.danger_accept_invalid_certs(true);
+        }
+        if self.config.dangerous_accept_invalid_hostnames {
+            request = request.danger_accept_invalid_hostnames(true);
+        }
         if let Some(timeout) = self.timeout {
             request = request.timeout(timeout);
         }
