Merge pull request #2083 from mattermost/plt-1879

PLT-1879 Add config setting to accept unsigned TLS certs for SSO and outgoing hooks, also fix delete…

2 files changed, 52 insertions, 2 deletions

diff --git a/web/react/components/admin_console/service_settings.jsx b/web/react/components/admin_console/service_settings.jsx
index 2cc68d1ed..f232d4633 100644
--- a/web/react/components/admin_console/service_settings.jsx
+++ b/web/react/components/admin_console/service_settings.jsx
@@ -75,6 +75,7 @@ class ServiceSettings extends React.Component {
         config.ServiceSettings.EnableTesting = ReactDOM.findDOMNode(this.refs.EnableTesting).checked;
         config.ServiceSettings.EnableDeveloper = ReactDOM.findDOMNode(this.refs.EnableDeveloper).checked;
         config.ServiceSettings.EnableSecurityFixAlert = ReactDOM.findDOMNode(this.refs.EnableSecurityFixAlert).checked;
+        config.ServiceSettings.EnableInsecureOutgoingConnections = ReactDOM.findDOMNode(this.refs.EnableInsecureOutgoingConnections).checked;
         config.ServiceSettings.EnableCommands = ReactDOM.findDOMNode(this.refs.EnableCommands).checked;
         config.ServiceSettings.EnableOnlyAdminIntegrations = ReactDOM.findDOMNode(this.refs.EnableOnlyAdminIntegrations).checked;
 
@@ -720,6 +721,53 @@ class ServiceSettings extends React.Component {
                     <div className='form-group'>
                         <label
                             className='control-label col-sm-4'
+                            htmlFor='EnableInsecureOutgoingConnections'
+                        >
+                            <FormattedMessage
+                                id='admin.service.insecureTlsTitle'
+                                defaultMessage='Enable Insecure Outgoing Connections: '
+                            />
+                        </label>
+                        <div className='col-sm-8'>
+                            <label className='radio-inline'>
+                                <input
+                                    type='radio'
+                                    name='EnableInsecureOutgoingConnections'
+                                    value='true'
+                                    ref='EnableInsecureOutgoingConnections'
+                                    defaultChecked={this.props.config.ServiceSettings.EnableInsecureOutgoingConnections}
+                                    onChange={this.handleChange}
+                                />
+                                    <FormattedMessage
+                                        id='admin.service.true'
+                                        defaultMessage='true'
+                                    />
+                            </label>
+                            <label className='radio-inline'>
+                                <input
+                                    type='radio'
+                                    name='EnableInsecureOutgoingConnections'
+                                    value='false'
+                                    defaultChecked={!this.props.config.ServiceSettings.EnableInsecureOutgoingConnections}
+                                    onChange={this.handleChange}
+                                />
+                                    <FormattedMessage
+                                        id='admin.service.false'
+                                        defaultMessage='false'
+                                    />
+                            </label>
+                            <p className='help-text'>
+                                <FormattedMessage
+                                    id='admin.service.insecureTlsDesc'
+                                    defaultMessage='When true, any outgoing HTTPS requests will accept unverified, self-signed certificates. For example, outgoing webhooks to a server with a self-signed TLS certificate, using any domain, will be allowed. Note that this makes these connections susceptible to man-in-the-middle attacks.'
+                                />
+                            </p>
+                        </div>
+                    </div>
+
+                    <div className='form-group'>
+                        <label
+                            className='control-label col-sm-4'
                             htmlFor='SessionLengthWebInDays'
                         >
                             <FormattedMessage
@@ -896,4 +944,4 @@ ServiceSettings.propTypes = {
     config: React.PropTypes.object
 };
 
-export default injectIntl(ServiceSettings);
\ No newline at end of file
+export default injectIntl(ServiceSettings);
diff --git a/web/static/i18n/en.json b/web/static/i18n/en.json
index 0bb238a90..0ce679a27 100644
--- a/web/static/i18n/en.json
+++ b/web/static/i18n/en.json
@@ -365,6 +365,8 @@
   "admin.service.developerDesc": "(Developer Option) When true, extra information around errors will be displayed in the UI.",
   "admin.service.securityTitle": "Enable Security Alerts: ",
   "admin.service.securityDesc": "When true, System Administrators are notified by email if a relevant security fix alert has been announced in the last 12 hours. Requires email to be enabled.",
+  "admin.service.insecureTlsTitle": "Enable Insecure Outgoing Connections: ",
+  "admin.service.insecureTlsDesc": "When true, any outgoing HTTPS requests will accept unverified, self-signed certificates. For example, outgoing webhooks to a server with a self-signed TLS certificate, using any domain, will be allowed. Note that this makes these connections susceptible to man-in-the-middle attacks.",
   "admin.service.webSessionDays": "Session Length for Web in Days:",
   "admin.service.webSessionDaysDesc": "The web session will expire after the number of days specified and will require a user to login again.",
   "admin.service.mobileSessionDays": "Session Length for Mobile Device in Days:",
@@ -1262,4 +1264,4 @@
   "intro_messages.beginning": "Beginning of {name}",
   "intro_messages.invite": "Invite others to this {type}",
   "intro_messages.setHeader": "Set a Header"
-}
\ No newline at end of file
+}