Support Custom CA Certs with DAST Analyzer

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

GitLab's DAST analyzer does not support custom CA cert chains, both in on-demand scans and CI pipeline configurations. Support for custom CA certs was added to SAST, Dependency Scanning, and Container Scanning through the ADDITIONAL_CA_CERT_BUNDLE environment variable in GitLab version 13.11; however, this variable does not currently support DAST.

Proposal

Add support for custom CA certs chains to on-demand and pipeline DAST scans through either the ADDITIONAL_CA_CERT_BUNDLE environment variable or an alternate solution.

Intended users

Self-managed customers operating GitLab instances in environments that use custom SSL certificates, common in government and enterprise networks.