You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
In the go-micro package, specifically in the file github.com/go-micro/go-micro/broker/http.go at line 84 within the newTransport function, there is a default configuration that skips TLS certificate verification. This behavior poses a serious security risk because it disables the mechanism that ensures the authenticity and integrity of the TLS connection. Without certificate verification, man-in-the-middle attacks become possible, allowing attackers to intercept, modify, or steal data transmitted over the network.
Describe the solution you'd like
To mitigate this security vulnerability, I propose updating the default TLS configuration to enforce certificate verification. This can be achieved by configuring the tls.Config object to include a valid RootCAs pool or by setting the InsecureSkipVerify flag to false, which is its default value. Doing so will ensure that connections are established only with servers presenting trusted certificates, enhancing the overall security posture of the application.
Additional context
It is crucial to consider the implications of disabling certificate verification in production environments. While it might simplify development or testing scenarios, it should never be enabled in any environment where sensitive data is handled. To address this issue properly, the default configuration should be updated to enforce certificate verification, and developers should be provided with clear documentation on how to configure exceptions for testing purposes only.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
In the go-micro package, specifically in the file github.com/go-micro/go-micro/broker/http.go at line 84 within the newTransport function, there is a default configuration that skips TLS certificate verification. This behavior poses a serious security risk because it disables the mechanism that ensures the authenticity and integrity of the TLS connection. Without certificate verification, man-in-the-middle attacks become possible, allowing attackers to intercept, modify, or steal data transmitted over the network.
Describe the solution you'd like
To mitigate this security vulnerability, I propose updating the default TLS configuration to enforce certificate verification. This can be achieved by configuring the tls.Config object to include a valid RootCAs pool or by setting the InsecureSkipVerify flag to false, which is its default value. Doing so will ensure that connections are established only with servers presenting trusted certificates, enhancing the overall security posture of the application.
Additional context
It is crucial to consider the implications of disabling certificate verification in production environments. While it might simplify development or testing scenarios, it should never be enabled in any environment where sensitive data is handled. To address this issue properly, the default configuration should be updated to enforce certificate verification, and developers should be provided with clear documentation on how to configure exceptions for testing purposes only.
The text was updated successfully, but these errors were encountered: