Which directory should I put the crt/pem certificate in?

[AfterStories]

Before submitting your bug report

• I believe this is a bug. I'll try to join the Continue Discord for questions
• I'm not able to find an open issue that reports the same bug
• I've seen the troubleshooting guide on the Continue Docs

Relevant environment info

- OS:Win
- Continue version:0.0.84
- Model:my custom model
- config.json:
  
{
  model: "ABC",
  provider: "ABC",
  apiKey: "ABC",
  title: "ABC",
  apiBase: "https://www.mytest.com/abc",
        "caBundlePath": [
          "C:/Users/abc/Desktop/Code/ABC3.crt",
          "C:/Users/abc/Desktop/Code/ABC2.crt",
         "C:/Users/abc/Desktop/Code/ABC1.crt",
        ]
};

Description

My API uses custom certificates. According to the following document, I need to configure a pem certificate, and after the configuration,now it is successful to use the API
https://docs.continue.dev/troubleshooting#configure-certificates

My question:

I edit the core\config\default.ts file. I hope that after my users install the plugin, the default model displayed is my "ABC" model, and it can be used directly,No need to manually add models, So I changed the default config to ABC model, hoping that the generated config.json file would contain the default config like this:

export const DEFAULT_CHAT_MODEL_CONFIG: ModelDescription = {
      model: "ABC",
      provider: "ABC",
      apiKey: "ABC",
      title: "ABC",
      apiBase: "https://www.mytest.com/abc",
      "caBundlePath": [
      "C:/Users/abc/Desktop/Code/ABC3.crt",
      "C:/Users/abc/Desktop/Code/ABC2.crt",
      "C:/Users/abc/Desktop/Code/ABC1.crt",
]
};

However, when I package the project into an installation package for others users to install and use, I think I need the installation package zip file to also contain these special certificate files so that users can call my API.

So where should I put these certificate files so that the packaged installation package contains these certificate files? And the config.json of continue after installation should be able to read these certificate files correctly. You can see that my current certificate address is written as an absolute path, I think it should be configured as a relative path

---

By the way, I think you need to supplement the documentation. After my test, it is OK to use crt file directly. The troubleshooting document example uses pem file. In addition, it is not possible to use crt certificate at server domain level directly. You need to configure multiple levels of complete certificates in array. Although you suggested that you can use array, I didn’t know which certificates I needed to configure in the array at first. After asking GPT, learning and testing, I found that I can use the "connection is secure" menu in the browser address bar to export the server certificate, and see in the details tab that usually the server certificate has three levels, from root level, to middle level, and specific server domain level. The three levels of certificates are exported as crt files and configured in the array, and finally I can call my API. I think this is a special knowledge in the network.

To reproduce

No response

Log output

No response

[Patrick-Erichsen]

@AfterStories are you trying to just configure the caBundlePath for yourself, or are you trying to modify the extension source code to build your own plugin that sets a default location?

If it's the first option, it shouldn't matter where you set the caBundlePath location. For the second option, the plugin doesn't currently have any behavior for a default caBundlePath so you'd need to implement this logic.

[AfterStories]

hi, @Patrick-Erichsen,

I hope to achieve a goal. After installing the plugin, the model loaded is my own model configuration. Assuming the name is ABC, it will call my own API.
Currently, the default configuration of the source code is "claude-3-5-sonnet-latest", which is in the core/config/default.ts file:

export const DEFAULT_CHAT_MODEL_CONFIG: ModelDescription = {
model: "claude-3-5-sonnet-latest",
provider: "anthropic",
apiKey: "",
title: "Claude 3.5 Sonnet",
};

So I modified this file, so I think yes, I modified the source code. change to

export const DEFAULT_CHAT_MODEL_CONFIG: ModelDescription = {
      model: "ABC",
      provider: "ABC",
      apiKey: "ABC",
      title: "ABC",
      apiBase: "https://www.mytest.com/abc",
      "caBundlePath": [
      "C:/Users/abc/Desktop/Code/ABC3.crt",
      "C:/Users/abc/Desktop/Code/ABC2.crt",
      "C:/Users/abc/Desktop/Code/ABC1.crt",
]
};

But I don't know the logic of the process of packaging into an installation package. Can you please guide me? I want to include my crt/pem files in the final packaged installation package

I noticed that after installing the plugin using the installation package, the plugin configuration directory will be generated in the C:\Users\account_name.continue directory, which contains config.json. Can you tell me where the logic code for generating this directory in the user's computer directory is? Maybe I can try to write a similar logic in it, put the certificate file in this directory, and let the config.json here read the crt/pem certificate file in the same directory.

And,the packaging command is ./gradlew.bat buildPlugin
It seems that gradlew is used for packaging. Maybe I should try to modify which gradlew task script? Or binary/build.js file? Please give me some tips, I will learn to try to read the code and implement the requirements myself
Thank You

[AfterStories]

Ok guys, I think I found a config item that can turn off SSL verification, but this configuration is not mentioned in the continue docs

{
  "models": [
  {
   "title": "My Model",
   ...
   "requestOptions": {
     "verifySsl": false //close the  ssl verify
    }
   }
],
...
}

After debugging, I found that the "node-fetch" library is actually used when continuing to call the API request in the packages\fetch\src\fetch.ts when your add requestOptions in config.json

[Patrick-Erichsen]

Did you come across this section of the docs by any chance? If not I'm curious where you were looking, maybe there's a better place we can call this out.

[AfterStories]

Ohh, sorry, I really didn't read this part, because before encountering specific problems, I usually don't pay special attention to these detailed configurations. I found the use of verifySsl by debug the source code.

I think maybe writing this config item in this document may also help people who encounter the same problem, https://docs.continue.dev/troubleshooting#configure-certificates

[AfterStories]

After testing, I found that in IntelliJ, you only need to configure "verifySsl": false to turn off verification. This is a configuration item provided by the "node-fetch" library. However, if you call the API in vscode, you still need to configure the certificate crt/pem files to succeed. It seems that calling the API request in vscode does not use node-fetch? For me, I don't need to care about vscode for the time being. I decided not to close this issue for the time being. If anyone has a way to turn off ssl verification in vscode, please feel free to leave a message.