Merge pull request #755 from graywolf336/ssl-admin-option-754

Allowing the rejecting/allowing of ssl certs to be configurable by the admin
RocketChat · Sep 11, 2015 · 4a546a1 · 4a546a1
2 parents 895bd84 + 368c0c3
commit 4a546a1
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 1 deletion.
diff --git a/i18n/en.i18n.json b/i18n/en.i18n.json
@@ -37,6 +37,7 @@
   "Add_users" : "Add users",
   "Administration" : "Administration",
   "All_channels" : "All channels",
+  "Allow_Invalid_SelfSigned_Certs": "Allow invalid and Self-Signed SSL certificate's for link validation and previews",
   "and" : "and",
   "API_Analytics" : "Analytics",
   "API_Embed" : "Embed",

diff --git a/packages/rocketchat-lib/settings/server/startup.coffee b/packages/rocketchat-lib/settings/server/startup.coffee
@@ -33,6 +33,7 @@ Meteor.startup ->
 
 	RocketChat.settings.addGroup 'General'
 	RocketChat.settings.add 'Site_Name', 'Rocket.Chat', { type: 'string', group: 'General', public: true }
+	RocketChat.settings.add 'Allow_Invalid_SelfSigned_Certs', false, { type: 'boolean', group: 'General' }
 
 	RocketChat.settings.addGroup 'API'
 	RocketChat.settings.add 'API_Analytics', '', { type: 'string', group: 'API', public: true }

diff --git a/packages/rocketchat-oembed/server/server.coffee b/packages/rocketchat-oembed/server/server.coffee
@@ -15,7 +15,7 @@ getUrlContent = (urlObj, redirectCount = 5, callback) ->
 		port: urlObj.port
 		hostname: urlObj.hostname
 		path: urlObj.path
-		rejectUnauthorized: false
+		rejectUnauthorized: !RocketChat.settings.get 'Allow_Invalid_SelfSigned_Certs'
 
 	httpOrHttps = if urlObj.protocol is 'https:' then https else http