Skip to content

feat: add certificate trust configuration for MCP servers #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

feat: add certificate trust configuration for MCP servers #5

wants to merge 19 commits into from

Conversation

@daniel-lxs
Copy link
Contributor

@daniel-lxs daniel-lxs commented Oct 2, 2025

Summary

This PR addresses Issue #8355 by adding certificate trust configuration support for MCP servers using HTTPS connections (SSE and StreamableHTTP transports).

Problem

MCP servers using self-signed or internal CA-signed certificates cannot be used because there's no way to specify trust information for these certificates. This prevents users from connecting to MCP servers in development environments or corporate networks with internal certificate authorities.

Solution

Added a certificateTrust configuration option for SSE and StreamableHTTP server types with three settings:

  • allowSelfSigned: Allow self-signed certificates (for development)
  • caCertPath: Path to custom CA certificate file (for internal CAs)
  • rejectUnauthorized: Control certificate validation (defaults to true for security)

Changes

  • ✅ Added CertificateTrustSchema to validate certificate trust configuration
  • ✅ Implemented HTTPS agent configuration for SSE transport using custom fetch
  • ✅ Implemented HTTPS agent configuration for StreamableHTTP transport
  • ✅ Added comprehensive test coverage for all configuration scenarios
  • ✅ Created detailed documentation with examples and security considerations

Testing

  • All existing tests pass
  • Added 6 new test cases covering certificate trust configuration
  • TypeScript type checking passes
  • Linting passes

Security Considerations

  • Defaults to secure settings (rejectUnauthorized: true)
  • Documentation includes clear warnings about development-only settings
  • Proper error handling for certificate file loading

Documentation

Added comprehensive documentation in docs/mcp-certificate-trust.md including:

  • Configuration examples for all scenarios
  • Security best practices
  • Certificate format conversion instructions
  • Troubleshooting guide

@roomote
feat: add certificate trust configuration for MCP servers
a158c21 
- Add certificateTrust configuration options for SSE and StreamableHTTP transports
- Support allowSelfSigned, caCertPath, and rejectUnauthorized options
- Implement HTTPS agent configuration for Node.js fetch operations
- Add comprehensive tests for certificate trust configuration
- Add documentation explaining usage and security considerations

Fixes #8355
@roomote
fix: resolve TypeScript type error for agent property in fetch
b73bd7c 
- Use spread operator with type assertion for Node.js-specific agent property
- Ensures compatibility with standard RequestInit type while allowing HTTPS agent
roo-code-dan[bot]

This comment was marked as outdated.

Sign in to view

@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 2, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 2, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 2, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 2, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 2, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 2, 2025
daniel-lxs
daniel-lxs commented Oct 2, 2025
View reviewed changes
src/services/mcp/McpHub.ts
}

// Create HTTPS agent with certificate trust settings
const agent = new https.Agent(agentOptions)
Copy link
Contributor Author

@daniel-lxs daniel-lxs Oct 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Node 18+ global fetch (undici) ignores RequestInit.agent, so these certificateTrust settings won’t take effect for StreamableHTTP. Use undici’s dispatcher instead. Suggest: create an undici Agent with TLS options (e.g., new Agent({ connect: { tls: { rejectUnauthorized: false, ca: caCert } } })) and set (requestInit as any).dispatcher = agent. This also applies to the SSE custom fetch.

daniel-lxs
daniel-lxs commented Oct 2, 2025
View reviewed changes
src/services/mcp/McpHub.ts
return fetch(url, {
...init,
headers,
...({ agent } as any),
Copy link
Contributor Author

@daniel-lxs daniel-lxs Oct 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SSE path: the custom fetch adds { agent } to RequestInit, but Node’s global fetch (undici) ignores agent. Use undici’s dispatcher instead. Create an undici Agent/Pool with TLS options (e.g., new Agent({ connect: { tls: { rejectUnauthorized: false, ca: caCert } } })) and call fetch(url, { ...init, headers, dispatcher }). Consider caching the dispatcher per server to avoid recreating it on reconnect.

daniel-lxs
daniel-lxs commented Oct 2, 2025
View reviewed changes
docs/mcp-certificate-trust.md

## Limitations

- Certificate trust settings only apply to SSE and StreamableHTTP transports
Copy link
Contributor Author

@daniel-lxs daniel-lxs Oct 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Limitation note: In Node 18+ the global fetch is powered by undici and ignores RequestInit.agent. For certificate overrides (custom CA, self-signed, disabling verification) you must use undici’s dispatcher (e.g., an undici Agent/Pool with TLS options) and pass it via fetch(..., { dispatcher }). Consider adding this to the Limitations with a short example so users don’t expect agent to work in Node.

daniel-lxs

This comment was marked as outdated.

Sign in to view

roo-code-dan[bot]

This comment was marked as outdated.

Sign in to view

@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
roo-code-dan[bot]

This comment was marked as outdated.

Sign in to view

@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 6, 2025
roo-code-dan[bot]

This comment was marked as outdated.

Sign in to view

@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 7, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 7, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 7, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 7, 2025
roo-code-dan[bot]

This comment was marked as outdated.

Sign in to view

@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 9, 2025
@DanCodeInc DanCodeInc deleted a comment from roo-code-dan bot Oct 9, 2025
roo-code-dan[bot]
roo-code-dan bot reviewed Oct 9, 2025
View reviewed changes
docs/mcp-certificate-trust.md
- Certificate trust settings only apply to SSE and StreamableHTTP transports
- STDIO transport servers do not use HTTPS and therefore don't need certificate configuration
- The configuration requires Node.js environment; browser-based implementations may have different requirements
- Test webhook commit 17
Copy link

@roo-code-dan roo-code-dan bot Oct 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test commit message should be removed before merging the PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@roo-code-dan roo-code-dan[bot] roo-code-dan[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@daniel-lxs @roomote