Skip to content

fix(cli): add SSL verification option for client transports #9551

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
yumosx wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix(cli): add SSL verification option for client transports #9551

yumosx wants to merge 3 commits into from

Conversation

@yumosx
Copy link

@yumosx yumosx commented Jan 15, 2026
edited by cubic-dev-ai bot
Loading

Description

Add support for disabling SSL verification when verifySsl flag is false by providing a custom HTTPS agent. This allows connections to servers with self-signed certificates or in development environments where SSL verification needs to be bypassed.

ref: #6215

AI Code Review

  • Team members only: AI review runs automatically when PR is opened or marked ready for review
  • Team members can also trigger a review by commenting @continue-review

Checklist

  • I've read the contributing guide
  • The relevant docs, if any, have been updated or created
  • The relevant tests, if any, have been updated or created

Screen recording or screenshot

[ When applicable, please include a short screen recording or screenshot - this makes it much easier for us as contributors to review and understand your changes. See this PR as a good example. ]

Tests

[ What tests were added or updated to ensure the changes work as expected? ]

Continue Tasks

Status Task Actions
▶️ Queued Update docs on PR View

Powered by Continue

Summary by cubic

Adds an optional SSL bypass for MCP SSE and HTTP client transports. When requestOptions.verifySsl is false, connections to self-signed or dev servers work; default behavior remains unchanged.

  • New Features
    • Use https.Agent({ rejectUnauthorized: false }) when verifySsl is false for SSE and streamable-http transports.
    • No agent is created when verifySsl is true or unset.
    • Added tests covering both transports and verifySsl states.

Written for commit 173b9db. Summary will update on new commits.

yumosx added 2 commits January 15, 2026 06:15
@yumosx
fix(mcp): add SSL verification option for client transports
73d50bf 
Add support for disabling SSL verification when verifySsl flag is false by providing a custom HTTPS agent. This allows connections to servers with self-signed certificates or in development environments where SSL verification needs to be bypassed.
@yumosx
Add tests for SSL verification handling in MCPService
ba9d27e
@yumosx yumosx requested a review from a team as a code owner January 15, 2026 07:34
@yumosx yumosx removed the request for review from a team January 15, 2026 07:34
@yumosx yumosx requested a review from sestinj January 15, 2026 07:34
@continue
Copy link
Contributor

continue bot commented Jan 15, 2026

All Green - Keep your PRs mergeable

Learn more

All Green is an AI agent that automatically:

✅ Addresses code review comments

✅ Fixes failing CI checks

✅ Resolves merge conflicts

Unsubscribe from All Green comments

@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Jan 15, 2026
@github-actions
Copy link

github-actions bot commented Jan 15, 2026
edited
Loading

All contributors have signed the CLA ✍️ ✅
Posted by the CLA Assistant Lite bot.

@yumosx
Copy link
Author

yumosx commented Jan 15, 2026

I have read the CLA Document and I hereby sign the CLA

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 15, 2026
View reviewed changes
extensions/cli/src/services/MCPService.ts
const sseAgent =
serverConfig.requestOptions?.verifySsl === false
? new HttpsAgent({ rejectUnauthorized: false })
: undefined;

Check failure

Code scanning / CodeQL

Disabling certificate validation High

Disabling certificate validation is strongly discouraged.
extensions/cli/src/services/MCPService.ts
const streamableAgent =
serverConfig.requestOptions?.verifySsl === false
? new HttpsAgent({ rejectUnauthorized: false })
: undefined;

Check failure

Code scanning / CodeQL

Disabling certificate validation High

Disabling certificate validation is strongly discouraged.
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jan 15, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

@yumosx yumosx mentioned this pull request Jan 15, 2026
Open
3 tasks
@yumosx
Copy link
Author

yumosx commented Jan 15, 2026
edited
Loading

@RomneyDa @sestinj I noticed that the lint errors were not introduced by this PR. I am more than happy to fix these lints.

> @continuedev/cli@0.0.0-dev lint
> tsc --noEmit && eslint .


/home/runner/work/continue/continue/extensions/cli/src/services/MCPService.ts
Error:   622:1  error  File has too many lines (515). Maximum allowed is 500  max-lines

 1 problem (1 error, 0 warnings)

Error: Process completed with exit code 1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@sestinj sestinj Awaiting requested review from sestinj sestinj is a code owner automatically assigned from continuedev/continue-code-reviewers

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

size:L This PR changes 100-499 lines, ignoring generated files.

Projects

Issues and PRs
Status: Todo

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yumosx