Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[SECURITY] Enable TLS certificate validation
See original GitHub issueHello,
I don’t understand the reasoning behind disabling TLS certification validation. This allows MITM attacks.
Requests module can connect to Degiro’s servers with default settings:
import requests
req = requests.get("https://trader.degiro.nl")
print(req)
Furthermore, Degiro follows TLS best practices as it is A+ rated.
Could you please enable TLS certificate validation to prevent MITM attacks?
Thanks
Issue Analytics
- State:
- Created 2 years ago
- Comments:8 (8 by maintainers)
Top Results From Across the Web
git - Github - TLS certificate verification has been disabled! on ...
This helped me: 1 Re-enable git config --global http.sslVerify true. to get rid of the "TLS certificate verification has been disabled.".
Read more >What are the Validation Methods for TLS/SSL Certificates?
Extended Validation (EV) certificates require 16 methods of identity validation including verifying an organization's name, status, type, registration number, ...
Read more >Certificate Verification - Transport Layer Security
The client checks to ensure that the server's certificate is not expired and that the domain name or IP address on the certificate...
Read more >How SSL and TLS provide authentication - IBM
If the SSL or TLS server requires client authentication, the server verifies the client's identity by verifying the client's digital certificate with the...
Read more >SSL/TLS Certificate Explained - How to Get TLS ... - SSL2BUY
Domain Validation: The certificate authority verifies the ownership of a domain and ensures that the domain name belongs to the SSL applicant. Such...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
This issue is being handled by someone? If not I can take this ticket (at least I can try…).
Hi @Chavithra. I just sent you a message on discord.