Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for cert_pem and key_pem with ssl_bind DSL #2728

merged 4 commits into from Oct 31, 2021


Copy link

@dalibor dalibor commented Oct 27, 2021


We need a way to specify cert and key objects or PEM strings in Puma configuration without relying on file paths. The use-case is when deploying to cloud provider and fetching certificates from Secrets Manager on application boot-up to avoid persisting the certificates on disk for security reasons.

Your checklist for this pull request

  • I have reviewed the guidelines for contributing to this repository.
  • I have added (or updated) appropriate tests if this PR fixes a bug or adds a feature.
  • My pull request is 100 lines added/removed or less so that it can be easily reviewed.
    • This PR is more than 100 lines, but it all comes together to support this feature
  • If this PR doesn't need tests (docs change), I added [ci skip] to the title of the PR.
  • If this closes any issues, I have added "Closes #issue" to the PR description or my commit messages.
  • I have updated the documentation accordingly.
  • All new and existing tests passed, including Rubocop.

PR with clean history for: #2719

Copy link

@dentarg dentarg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks solid to me, haven't tried to run this myself though

Copy link

Just built with PR, restarted with USR1 and USR2, sent curl requests, etc. LGTM.

@dentarg dentarg merged commit 5608248 into puma:master Oct 31, 2021
Copy link

@dentarg @MSP-Greg: Thank you!

JuanitoFatas pushed a commit to JuanitoFatas/puma that referenced this pull request Sep 9, 2022
* Fix deprecation warning

DEPRECATED: Use assert_nil if expecting nil from test/test_binder.rb:265. This will fail in Minitest 6.

* Extend MiniSSL with support for cert_pem and key_pem

* Extend Puma ssl_bind DSL with support for cert_pem and cert_key

* Make some variables in binder test more readable
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging this pull request may close these issues.

None yet

4 participants