Hoverfly proxying to local services using internal CA

[andresilvaluiz]

If my backend services use certificates signed by an internal CA, how should I configure Hoverfly as a proxy for these services? I generated a certificate signed by that CA and provided it as -cert and -key. But still, curl fails because of the self signed certs.

[tommysitu]

Since hoverfly uses self-signed cert as well, you can either add the hoverfly CA into your machine's trusted CA store, or passing the cert using the -cacert flag for curl. You can see the instructions on this page: https://docs.hoverfly.io/en/latest/pages/tutorials/basic/https/https.html

The above sorts out the SSL termination between curl and the hoverfly proxy. For the https connection between hoverfly and your server with internal CA, you can skip the cert verification by passing this flag when starting hoverfly:

-tls-verification
    	Turn on/off tls verification for outgoing requests (will not try to verify certificates) (default true)