stop using httpclient's root cert set.

ref.) nahi/httpclient#445
nov · Oct 1, 2021 · 4a207ed · 4a207ed
1 parent a8f1d2a
commit 4a207ed
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/lib/rack/oauth2.rb b/lib/rack/oauth2.rb
@@ -43,6 +43,11 @@ def self.http_client(agent_name = "Rack::OAuth2 (#{VERSION})", &local_http_confi
       _http_client_ = HTTPClient.new(
         agent_name: agent_name
       )
+
+      # NOTE: httpclient gem seems stopped maintaining root certtificate set, use OS default.
+      _http_client_.ssl_config.clear_cert_store
+      _http_client_.ssl_config.cert_store.set_default_paths
+
       http_config.try(:call, _http_client_)
       local_http_config.try(:call, _http_client_) unless local_http_config.nil?
       _http_client_.request_filter << Debugger::RequestFilter.new if debugging?