charieswei
/
TradingAgents
mirror of https://github.com/TauricResearch/TradingAgents.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
TradingAgents/SSL_CONFIGURATION.md

3.7 KiB
Raw Blame History

SSL Certificate Bundle Configuration for TradingAgents

Overview

This implementation provides flexible SSL/TLS certificate configuration for TradingAgents while maintaining backward compatibility. The system only applies custom SSL settings when explicitly configured via environment variables.

Key Features

1. Environment Variable Based Configuration

  • REQUESTS_CA_BUNDLE or CURL_CA_BUNDLE: Path to custom certificate bundle
  • SSL_VERIFY: Enable/disable SSL verification (true/false)
  • HTTP_TIMEOUT: Custom timeout for HTTP requests (seconds)
  • HTTP_PROXY: HTTP proxy server
  • HTTPS_PROXY: HTTPS proxy server

2. Default Behavior Preservation

  • If no environment variables are set: Uses system default SSL behavior
  • Only applies custom settings when explicitly configured
  • Empty or undefined variables are ignored

3. Comprehensive Coverage

  • LangChain LLM clients: Custom SSL configuration for OpenAI, OpenRouter, etc.
  • HTTP requests: Custom configuration for Google News, Reddit APIs
  • Global SSL setup: Sets environment variables for libraries that respect them

Usage Examples

Basic Usage (No Custom SSL)

# No SSL environment variables set
# Uses system default SSL behavior
python webapp/main.py

Custom Certificate Bundle

# Use custom corporate certificate bundle
export REQUESTS_CA_BUNDLE=/path/to/corporate-ca-bundle.crt
python webapp/main.py

Development/Testing (Disable SSL Verification)

# Disable SSL verification (NOT recommended for production)
export SSL_VERIFY=false
python webapp/main.py

Behind Corporate Proxy

# Configure proxy settings
export HTTP_PROXY=http://proxy.company.com:8080
export HTTPS_PROXY=https://proxy.company.com:8080
export REQUESTS_CA_BUNDLE=/etc/ssl/corporate-ca-bundle.crt
python webapp/main.py

Files Modified

Core Configuration

  • tradingagents/default_config.py: Added SSL configuration parameters
  • tradingagents/dataflows/ssl_utils.py: SSL utility functions (NEW)

Integration Points

  • tradingagents/graph/trading_graph.py: LLM client SSL configuration
  • tradingagents/dataflows/googlenews_utils.py: HTTP requests SSL configuration
  • tradingagents/dataflows/interface.py: Integration with SSL configuration

Documentation and Tools

  • .env.example: Updated with SSL configuration examples
  • diagnose_ssl.py: SSL diagnostic tool (NEW)
  • test_ssl_config.py: SSL configuration test suite (NEW)

Testing

Run the diagnostic tool to check your SSL configuration:

python diagnose_ssl.py

Run the test suite to verify SSL configuration behavior:

python test_ssl_config.py

Troubleshooting

Common SSL Errors and Solutions

  1. Certificate verification failed

    • Set REQUESTS_CA_BUNDLE to correct certificate bundle path
    • Check if your organization uses custom CA certificates

  2. SSL: WRONG_VERSION_NUMBER

    • Usually indicates proxy configuration issues
    • Set appropriate HTTP_PROXY and HTTPS_PROXY variables

  3. Connection timeout

    • Increase HTTP_TIMEOUT value
    • Check network connectivity and proxy settings

  4. Name or service not known

    • Check DNS settings
    • Verify proxy configuration

Getting Help

  1. Run python diagnose_ssl.py for comprehensive SSL diagnostics
  2. Check your organization's IT documentation for certificate bundles
  3. Contact your IT department for corporate proxy and certificate information

Security Considerations

  • Never disable SSL verification in production
  • Use custom certificate bundles for corporate environments
  • Keep certificate bundles updated
  • Secure proxy credentials if using authenticated proxies