[PR #4457] [CLOSED] feat(plugin): add rootca and tls verify for client http plugins #4981

New issue

Closed

opened 2026-05-05 14:52:26 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented

2026-05-05 14:52:26 -06:00

Owner

📋 Pull Request Information

Original PR: https://github.com/fatedier/frp/pull/4457
Author: @adamwallred
Created: 9/25/2024
Status: ❌ Closed

Base: dev ← Head: rootca

📝 Commits (1)

e2b34ff feat(plugin): add rootca and tls verify for client http plugins

📊 Changes

3 files changed (+40 additions, -4 deletions)

View changed files

📝 pkg/config/v1/plugin.go (+2 -0)
📝 pkg/plugin/client/http2https.go (+19 -2)
📝 pkg/plugin/client/https2https.go (+19 -2)

📄 Description

WHY

It would be nice to support a custom CA cert and perform TLS verification of the connections between the httputil.ReverseProxy and the proxied service in the client *2https plugins.

This PR adds support for loading a rootCA and verifying TLS connections for the client http plugins.

I manually tested this by adding an incorrect root CA cert and attempting to make use of the proxy:

and verify failed as expected.

After adding the proper root CA certificate, the verify and proxy worked as expected.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fatedier/frp/pull/4457 **Author:** [@adamwallred](https://github.com/adamwallred) **Created:** 9/25/2024 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `rootca` --- ### 📝 Commits (1) - [`e2b34ff`](https://github.com/fatedier/frp/commit/e2b34fff62ba7c2e642b07e5d00d7525aaab1f03) feat(plugin): add rootca and tls verify for client http plugins ### 📊 Changes **3 files changed** (+40 additions, -4 deletions) <details> <summary>View changed files</summary> 📝 `pkg/config/v1/plugin.go` (+2 -0) 📝 `pkg/plugin/client/http2https.go` (+19 -2) 📝 `pkg/plugin/client/https2https.go` (+19 -2) </details> ### 📄 Description ### WHY It would be nice to support a custom CA cert and perform TLS verification of the connections between the `httputil.ReverseProxy` and the proxied service in the client `*2https` plugins. This PR adds support for loading a rootCA and verifying TLS connections for the client http plugins. I manually tested this by adding an incorrect root CA cert and attempting to make use of the proxy: <img width="371" alt="Screenshot 2024-09-25 at 2 46 40 PM" src="https://github.com/user-attachments/assets/7b276257-a662-4d8c-9f47-2d4d3ce14165"> and verify failed as expected. After adding the proper root CA certificate, the verify and proxy worked as expected. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>