Skip to content

feat: mcp support disable ssl validation #9382

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Nov 24, 2025
Merged

feat: mcp support disable ssl validation #9382

merged 6 commits into from
Nov 24, 2025
+72 −10

Conversation

@ZxBing0066
Copy link
Member

@ZxBing0066 ZxBing0066 commented Nov 14, 2025
edited
Loading

Background

INS-1721
For developers, they may need self-verified certificates for localhost development. MCP inspector runs on a browser, which could support forcing trust in an unsafe cert.
For Insomnia, we could provide an SSL Certificate Validation option for developers, which could help them to develop with a self-signed cert.

Changes

  • Add a sslValidation option
  • Add a color indicator

@ZxBing0066 ZxBing0066 self-assigned this Nov 14, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 14, 2025
View reviewed changes
Copilot finished reviewing on behalf of ZxBing0066 November 14, 2025 06:09
Copilot AI reviewed Nov 14, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a new feature to disable SSL certificate validation for MCP (Model Context Protocol) connections, enabling developers to work with self-signed certificates in local development environments. The implementation includes both the backend functionality and UI controls with visual indicators.

Key Changes:

  • Added a disableSslValidation boolean property to the MCP request model that controls the rejectUnauthorized TLS option
  • Implemented a toggle button in the MCP Certificates modal for users to enable/disable SSL validation
  • Added a color-coded indicator (warning/success) on the "Manage Certificates" button to show the current SSL validation status

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
packages/insomnia/src/models/mcp-request.ts Adds the disableSslValidation boolean field to the MCP request model with a default value of false
packages/insomnia/src/main/mcp/common.ts Implements the SSL validation bypass by setting rejectUnauthorized: false when the option is enabled
packages/insomnia/src/ui/components/modals/mcp-certificates-modal.tsx Adds UI toggle control and informational messaging for the SSL validation option in the certificates modal
packages/insomnia/src/ui/components/mcp/mcp-pane.tsx Implements visual status indicator on the "Manage Certificates" button showing SSL validation state

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 17, 2025
View reviewed changes
@ZxBing0066 ZxBing0066 marked this pull request as ready for review November 18, 2025 02:36
@ZxBing0066 ZxBing0066 enabled auto-merge (squash) November 24, 2025 09:17
@ZxBing0066 ZxBing0066 merged commit 11c852d into develop Nov 24, 2025
14 checks passed
@ZxBing0066 ZxBing0066 deleted the feat/disable-mcp-ssl-validation branch November 24, 2025 09:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cwangsmv cwangsmv cwangsmv approved these changes

@CurryYangxx CurryYangxx Awaiting requested review from CurryYangxx

Assignees

@ZxBing0066 ZxBing0066

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ZxBing0066 @cwangsmv