How can I disable TLS verification for MQTT Export

[j54j6]

Hello,

I want to use an encrypted way to transport data from my unRAID Server to my homeassistant. Using the standard Docker Container.
Unfortnetally there is no way to use a SSL Certificate for the Webserver (and the reverse Proxy is not suitable for me) - So I want to use the MQTT export function. I use self signed certificates and neither can import the CA Certificate nor can I disable the TLS verification.

Is there a way to disable it?

Thanks a lot for this project and your help.
j54j6

--

Update:
Now I have found a workarround for this problem.
Unfornetally the installed certificates on my system are not used for the TLS encryption so my imported CA does not count for the glance container.
But on the console the A can be added to certifi with a little script (following) but this is only a workaround. - I will write a extension for glances to add an extra argument providing a CA file to use also self signed stuff (or if I am able to find out how to disable Certificate validation, I will add another argument for this... - Maybe the changes can be pulled to this repository.
by now I can use a self signed TLS certificate but if there is an "offical" way to do this, please share it with me :)

Script:

import certifi
cafile = certifi.where()
with open('pathToYour.pem-File', 'rb') as infile:
    customca = infile.read()
with open(cafile, 'ab') as outfile:
    outfile.write(customca)
print('That might have worked.')

[RazCrimson]

@j54j6

If you just need it for your home server, why not build your own Docker Image with those CA Certificates pre-installed and use that image to generate the container?

[j54j6]

Hey thank you for your answer.
Currently I've done exactly this. But with this approach I need to rebuild the container on each update by myself.
Furthermore I think it is an important feature, to support TLS by design even for local systems.
Many user are using local certificates and in my case I need to create 3 different container for different environments (not connected to each other and I don't want to import certificates that are not needed).
And as I know so far, this is a problem not only for the export types (mqtt, influx etc.) also the webinterface and RESTful API does not support https in general.
But all libaries glances is using are supporting https with a bit of work.
I already created a fork to add https (TLS) to all export methods and the webserver. Using the -C command to import the config I see no problem to support this by design.

~j54j6

[RazCrimson]

My bad, I assumed you just needed it on a single machine.