fix(ct_monitor): enable TLS certificate verification

h4x3rotab · claude · h4x3rotab · commit b18b2a0a531f · 2025-12-31T11:43:52.000Z
Remove dangerous `danger_accept_invalid_certs(true)` - gateway uses valid certs. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
diff --git a/ct_monitor/src/main.rs b/ct_monitor/src/main.rs
@@ -56,10 +56,7 @@ impl Monitor {
         let acme_info_url = format!("{}/acme-info", self.gateway_uri.trim_end_matches('/'));
         info!("fetching known public keys from {}", acme_info_url);
 
-        let client = reqwest::Client::builder()
-            .danger_accept_invalid_certs(true) // TODO: Use RA-TLS verification
-            .build()
-            .context("failed to build http client")?;
+        let client = reqwest::Client::new();
 
         let response = client
             .get(&acme_info_url)
