< chilly king 10285> is there a way to skip certificates val Ory Community #ory-copilot

<@U04UQ68083H> is there a way to skip certificates...

freezing-planet-21392

08/08/2025, 12:27 PM

@chilly-king-10285 is there a way to skip certificates validation with web hooks? my services are internal and they use self signed... I'm getting

Copy code

"message": "POST <https://my.hook.internal/hook-endpoint> giving up after 1 attempt(s): Post \"<https://my.hook.internal/hook-endpoint>\": tls: failed to verify certificate: x509: certificate signed by unknown authority"

brief-egg-61061

08/08/2025, 12:27 PM

A message from kapa.ai

brief-egg-61061

08/08/2025, 12:27 PM

I'm sorry, but the knowledge sources do not contain information about a configuration option to skip TLS certificate validation for webhooks in Ory products. While there are documented ways to skip TLS verification for Ory Hydra's own API clients (for example, using

InsecureSkipVerify

in Go or the

--skip-tls-verify

CLI flag) [[Ory Hydra Go: Skip TLS verification](https://www.ory.sh/docs/hydra/self-hosted/go#skip-tls-verification)], there is no mention of a similar option for webhook HTTP requests. For webhooks, the documentation emphasizes security and does not describe a way to disable certificate validation or trust self-signed certificates for outgoing webhook requests [[Trigger custom logic and integrate with external systems with webhooks](https://www.ory.sh/docs/guides/integrate-with-ory-cloud-through-webhooks)]. You may need to use a certificate signed by a trusted CA or ensure your internal CA is trusted by the Ory service making the webhook call. If you need to use self-signed certificates, a possible workaround (not documented in the sources) would be to add your internal CA to the trust store of the Ory service container or environment, but this is not covered in the official documentation.

Open in Slack

Previous Next