Http actions with self-signed

billfor · May 18, 2025, 6:44pm

I would just like to confirm in 2025 that there is no way for the http actions to ignore certificate errors without importing the certificate. I have a WiiM with a self-signed and it only listens on 443.

rlkoshak · May 20, 2025, 1:01pm

The actions do not have that ability. The HTTP binding can. There are HTTP capabilities in some of the rules languages, particularly jRuby and Python which can ignore the certificate trustworthiness. And of course you have access to the raw HTTP classes from Java in pretty much all the rules languages.

milo · May 20, 2025, 1:36pm

Might be possible to post an example?

rlkoshak · May 20, 2025, 2:04pm

Of which approach? I listed several.

milo · May 20, 2025, 3:31pm

Of this

rlkoshak · May 20, 2025, 5:05pm

Which language? I’m not going to figure it out for langauges I don’t know. I JS you just need to import the classes:

var HttpRequest = Java.type("java.net.http.HttpRequest");

Then follow any of the many HTTP with Java tutorials out there. Often there are great short examples in the JavaDocs as well: HttpRequest (Java SE 17 & JDK 17)

The following is an example of a GET request that prints the response body as a String:

  HttpClient client = HttpClient.newHttpClient();
  HttpRequest request = HttpRequest.newBuilder()
        .uri(URI.create("http://foo.com/"))
        .build();
  client.sendAsync(request, BodyHandlers.ofString())
        .thenApply(HttpResponse::body)
        .thenAccept(System.out::println)
        .join();