ssl

modules/servers/keyhelpmanager/keyhelpmanager.php

@@ -58,8 +58,11 @@ function _keyhelpmanager_APIRequest(
         $apiKey = $params["serveraccesshash"] ?? "";
         $useSSL = $params["serversecure"] ?? "on";
 
-        // Verify SSL is enabled by default for security
-        $verifySSL = "on";
+        // Check if SSL verification should be disabled
+        // Automatically disable for IP addresses or if serverhttpprefix is set to "no-verify"
+        $httpPrefix = $params["serverhttpprefix"] ?? "";
+        $isIpAddress = filter_var($hostname, FILTER_VALIDATE_IP) !== false;
+        $verifySSL = $httpPrefix === "no-verify" || $isIpAddress ? "off" : "on";
 
         if (empty($hostname) || empty($apiKey)) {
             return [
@@ -72,6 +75,17 @@ function _keyhelpmanager_APIRequest(
         $protocol = $useSSL === "on" ? "https" : "http";
         $url = sprintf("%s://%s/api/v2%s", $protocol, $hostname, $endpoint);
 
+        // Log warning if SSL verification is disabled
+        if ($verifySSL === "off") {
+            logActivity(
+                "KeyHelp Manager: SSL verification disabled for " .
+                    $hostname .
+                    ($isIpAddress
+                        ? " (IP address detected)"
+                        : " (manual override)"),
+            );
+        }
+
         $client = new \GuzzleHttp\Client([
             "verify" => $verifySSL === "on",
             "timeout" => 30,