hailin
/
it0
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: disable TLS verification for Anthropic proxy (self-signed cert) 

Follow iConsulting pattern: set NODE_TLS_REJECT_UNAUTHORIZED=0 when
ANTHROPIC_BASE_URL is configured, enabling connection through the
self-signed proxy at 67.223.119.33.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
hailin 2026-02-23 05:52:02 -08:00
parent 810dcd7def
commit 9126225317
2 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
packages/services/agent-service/src/infrastructure/engines/claude-agent-sdk/claude-agent-sdk-engine.ts
View File

@ -52,6 +52,12 @@ export class ClaudeAgentSdkEngine implements AgentEnginePort {
// Build environment — subscription mode uses inherited CLI auth, api_key mode overrides
const env: Record<string, string> = { ...process.env } as Record<string, string>;
// Disable TLS verification for proxy endpoints (self-signed certs)
const baseURL = this.configService.get<string>('ANTHROPIC_BASE_URL');
if (baseURL) {
env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
env.ANTHROPIC_BASE_URL = baseURL;
}
if (tenantConfig?.billingMode === 'api_key') {
try {
env.ANTHROPIC_API_KEY = this.tenantConfigService.decryptApiKey(tenantConfig);
@ -226,6 +232,11 @@ export class ClaudeAgentSdkEngine implements AgentEnginePort {
const tenantConfig = await this.tenantConfigService.findByTenantId(tenantId);
const env: Record<string, string> = { ...process.env } as Record<string, string>;
const baseURL = this.configService.get<string>('ANTHROPIC_BASE_URL');
if (baseURL) {
env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
env.ANTHROPIC_BASE_URL = baseURL;
}
if (tenantConfig?.billingMode === 'api_key') {
try {
env.ANTHROPIC_API_KEY = this.tenantConfigService.decryptApiKey(tenantConfig);

8
packages/services/agent-service/src/infrastructure/engines/claude-api/claude-api-engine.ts
View File

@ -47,6 +47,9 @@ export class ClaudeApiEngine implements AgentEnginePort {
}
const baseURL = this.configService.get<string>('ANTHROPIC_BASE_URL');
if (baseURL) {
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
}
const client = new Anthropic({ apiKey, ...(baseURL ? { baseURL } : {}) });
const abortController = new AbortController();
@ -230,7 +233,10 @@ export class ClaudeApiEngine implements AgentEnginePort {
if (!apiKey) return false;
const baseURL = this.configService.get<string>('ANTHROPIC_BASE_URL');
const client = new Anthropic({ apiKey, ...(baseURL ? { baseURL } : {}) });
if (baseURL) {
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
}
const client = new Anthropic({ apiKey, ...(baseURL ? { baseURL } : {}) });
// Make a minimal API call to verify connectivity
const response = await client.messages.create({