Base provider HTTP client - legacy systems

[voytech-net]

Is your feature request related to a problem? Please describe.
Some legacy systems (SAP) can have a valid SSL connection, however Go HTTP client fails with pre-delivery error and tls: handshake failure.

Describe the solution you'd like
Could there be a ENV variable that would alter the CipherSuites in the transport such as:
`

InsecureSkipVerify: true, //ENV variable for this boolean for self-signed certificates
CipherSuites: []uint16{ //ENV variable for a list of cipher suites
    tls.TLS_RSA_WITH_AES_128_CBC_SHA,
    tls.TLS_RSA_WITH_AES_256_CBC_SHA,
    tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
}

`

Describe alternatives you've considered
The only alternative for me is to build a custom Docker image with this change

[alexluong]

Hi @voytech-net, thanks for raising this ticket and appreciate your patience so far. I've looked into this issue and agree that there needs to be some configuration enhancement from our side to support your use case here.

I have 2 questions:

• Do you use our portal?
• Do you think this HTTP client TLS option should be Outpost-wide or should it be specific to a destination?

Personally I'm leaning towards making it specific to a specific destination, but that requires you to have custom configuration when creating destination. So if you're using the portal, I think that's probably not feasible.

So in other words, I see 2 options

1: a config like DESTINATIONS_WEBHOOK_TLS_LEGACY or something along those line -> all HTTP clients for webhook delivery will use RSA cipher.
2: destination config like config.tls_legacy -> only this destination

Would love to hear more from you and hope to come up with an acceptable solution for you soon!