Add option to disable TLS certificate validation of Onvif connection

[andornaut]

Describe what you are trying to accomplish and why in non technical terms
I'd like to disable TLS certificate validation of Onvif connections to a PTZ camera that has HTTPS enabled, but does not have a valid certificate installed.

Describe the solution you'd like
I'd like there to be an option, such as onvif.tls_insecure:true to disable certificate validation.

Environment

Deployment method: Docker
Version: 0.13.0-0858859 (0.13.0 Beta 2)
Logs:

2023-09-25 11:44:43.958023107  [2023-09-25 11:44:43] frigate.ptz.onvif ERROR : 
Unable to connect to camera: REDACTED: Unknown error: 
HTTPSConnectionPool(host='REDACTED', port=443):
Max retries exceeded with url: /onvif/media_service (Caused by 
SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed:
unable to get local issuer certificate (_ssl.c:1123)')))
2023-0

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[andornaut]

Bumping to prevent the bot from closing this issue.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[andornaut]

Bumping to prevent the bot from closing this issue.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[andornaut]

Bumping to prevent the bot from closing this issue.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[andornaut]

Bump for the stale bot

[Szewcson]

I also encountered that problem. Other way to solve it will be scripting adding selfsigned rootcert to the frigate container. Unfortunately I'm not figured out yet how I can run update-ca-certificates from compose yaml.

[Szewcson]

I see that is more important to fix it here, since according to that issue moby/moby#44849 appending something to entrypoint/command in docker compose is not possible at all.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[andornaut]

Bump for the stale bot