Allow to keep the default truststore, when using a custom CA (#1863)

usebruno · Mar 22, 2024 · 8503752 · 8503752
1 parent 9b7cdb2
commit 8503752
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 1 deletion.
diff --git a/packages/bruno-app/src/components/Preferences/General/index.js b/packages/bruno-app/src/components/Preferences/General/index.js
@@ -21,6 +21,9 @@ const General = ({ close }) => {
       enabled: Yup.boolean(),
       filePath: Yup.string().nullable()
     }),
+    keepDefaultCaCertificates: Yup.object({
+      enabled: Yup.boolean()
+    }),
     storeCookies: Yup.boolean(),
     sendCookies: Yup.boolean(),
     timeout: Yup.mixed()
@@ -43,6 +46,9 @@ const General = ({ close }) => {
         enabled: get(preferences, 'request.customCaCertificate.enabled', false),
         filePath: get(preferences, 'request.customCaCertificate.filePath', null)
       },
+      keepDefaultCaCertificates: {
+        enabled: get(preferences, 'request.keepDefaultCaCertificates.enabled', false)
+      },
       timeout: preferences.request.timeout,
       storeCookies: get(preferences, 'request.storeCookies', true),
       sendCookies: get(preferences, 'request.sendCookies', true)
@@ -68,6 +74,9 @@ const General = ({ close }) => {
             enabled: newPreferences.customCaCertificate.enabled,
             filePath: newPreferences.customCaCertificate.filePath
           },
+          keepDefaultCaCertificates: {
+            enabled: newPreferences.keepDefaultCaCertificates.enabled
+          },
           timeout: newPreferences.timeout,
           storeCookies: newPreferences.storeCookies,
           sendCookies: newPreferences.sendCookies
@@ -158,6 +167,23 @@ const General = ({ close }) => {
             </button>
           </div>
         )}
+        <div className="flex items-center mt-2">
+          <input
+            id="keepDefaultCaCertificatesEnabled"
+            type="checkbox"
+            name="keepDefaultCaCertificates.enabled"
+            checked={formik.values.keepDefaultCaCertificates.enabled}
+            onChange={formik.handleChange}
+            className={`mousetrap mr-0 ${formik.values.customCaCertificate.enabled ? '' : 'opacity-25'}`}
+            disabled={formik.values.customCaCertificate.enabled ? false : true}
+          />
+          <label
+            className={`block ml-2 select-none ${formik.values.customCaCertificate.enabled ? '' : 'opacity-25'}`}
+            htmlFor="keepDefaultCaCertificatesEnabled"
+          >
+            Keep default CA Certificates
+          </label>
+        </div>
         <div className="flex items-center mt-2">
           <input
             id="storeCookies"

diff --git a/packages/bruno-app/src/providers/ReduxStore/slices/app.js b/packages/bruno-app/src/providers/ReduxStore/slices/app.js
@@ -17,6 +17,9 @@ const initialState = {
         enabled: false,
         filePath: null
       },
+      keepDefaultCaCertificates: {
+        enabled: false
+      },
       timeout: 0
     },
     font: {

diff --git a/packages/bruno-electron/src/ipc/network/index.js b/packages/bruno-electron/src/ipc/network/index.js
@@ -2,6 +2,7 @@ const os = require('os');
 const fs = require('fs');
 const qs = require('qs');
 const https = require('https');
+const tls = require('tls');
 const axios = require('axios');
 const path = require('path');
 const decomment = require('decomment');
@@ -105,7 +106,11 @@ const configureRequest = async (
   if (preferencesUtil.shouldUseCustomCaCertificate()) {
     const caCertFilePath = preferencesUtil.getCustomCaCertificateFilePath();
     if (caCertFilePath) {
-      httpsAgentRequestFields['ca'] = fs.readFileSync(caCertFilePath);
+      let caCertBuffer = fs.readFileSync(caCertFilePath);
+      if (preferencesUtil.shouldKeepDefaultCaCertificates()) {
+        caCertBuffer += '\n' + tls.rootCertificates.join('\n'); // Augment default truststore with custom CA certificates
+      }
+      httpsAgentRequestFields['ca'] = caCertBuffer;
     }
   }
 

diff --git a/packages/bruno-electron/src/store/preferences.js b/packages/bruno-electron/src/store/preferences.js
@@ -15,6 +15,9 @@ const defaultPreferences = {
       enabled: false,
       filePath: null
     },
+    keepDefaultCaCertificates: {
+      enabled: false
+    },
     storeCookies: true,
     sendCookies: true,
     timeout: 0
@@ -43,6 +46,9 @@ const preferencesSchema = Yup.object().shape({
       enabled: Yup.boolean(),
       filePath: Yup.string().nullable()
     }),
+    keepDefaultCaCertificates: Yup.object({
+      enabled: Yup.boolean()
+    }),
     storeCookies: Yup.boolean(),
     sendCookies: Yup.boolean(),
     timeout: Yup.number()
@@ -111,6 +117,9 @@ const preferencesUtil = {
   shouldUseCustomCaCertificate: () => {
     return get(getPreferences(), 'request.customCaCertificate.enabled', false);
   },
+  shouldKeepDefaultCaCertificates: () => {
+    return get(getPreferences(), 'request.keepDefaultCaCertificates.enabled', false);
+  },
   getCustomCaCertificateFilePath: () => {
     return get(getPreferences(), 'request.customCaCertificate.filePath', null);
   },