Support for Ignoring SSL Certificate Validation in MinIO .NET SDK
lkorcm opened this issue · 1 comments
Is your feature request related to a problem? Please describe.
The core of the issue lies in the lack of support within the MinIO .NET SDK for selectively ignoring SSL certificate validation, a feature that is available in SDKs for other languages. This limitation becomes problematic when working in environments where self-signed certificates are used, such as in development or testing stages. The current absence of this feature in the .NET SDK forces developers to consider less secure, global approaches to bypass SSL validation, which could potentially lower the security of the entire application.
Describe the solution you'd like
I am seeking the introduction of a feature within the MinIO .NET SDK that would allow developers to selectively ignore SSL certificate validation specifically for MinIO client connections. This capability should be easy to configure, perhaps through a straightforward option in the SDK's settings or via a method that can be called when initializing the MinIO client. Such a feature would enable developers to maintain a secure environment for their applications while also accommodating the need to connect to MinIO services in scenarios where SSL certificate validation needs to be bypassed.
Describe alternatives you've considered
As alternatives, I have considered:
Globally ignoring SSL certificate validation for the entire application, which is not advisable due to security concerns.
Developing a custom solution to bypass SSL validation only for MinIO connections, which could introduce unnecessary complexity and potential security risks.
Additional context
The availability of a feature to ignore SSL certificate validation in SDKs for other languages has proven to be invaluable, especially during development and testing phases. Implementing a similar feature in the MinIO .NET SDK would greatly benefit .NET developers, enabling more flexible and secure application development without compromising on security practices elsewhere within their projects.