Skip to content

Commit

Permalink
Expose SSLContext#extra_chain_cert in Net::HTTP
Browse files Browse the repository at this point in the history 
Currently, Net::HTTP can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, SSLContext supports
assigning to #extra_chain_cert=.

This adds support in Net::HTTP for exposing this underlying SSLContext
property to end-users. [Feature #9758]
  • Loading branch information
@stouset @nurse
stouset authored and nurse committed May 12, 2020
1 parent 946dadd commit 31af0da
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions lib/net/http.rb
View file
Expand Up @@ -850,6 +850,7 @@ def use_ssl=(flag)
:@cert,
:@cert_store,
:@ciphers,
:@extra_chain_cert,
:@key,
:@ssl_timeout,
:@ssl_version,
Expand All @@ -866,6 +867,7 @@ def use_ssl=(flag)
:cert,
:cert_store,
:ciphers,
:extra_chain_cert
:key,
:ssl_timeout,
:ssl_version,
Expand Down Expand Up @@ -896,6 +898,10 @@ def use_ssl=(flag)
# Sets the available ciphers. See OpenSSL::SSL::SSLContext#ciphers=
attr_accessor :ciphers

# Sets the extra X509 certificates to be added to the certificate chain.
# See OpenSSL::SSL::SSLContext#extra_chain_cert=
attr_accessor :extra_chain_cert

# Sets an OpenSSL::PKey::RSA or OpenSSL::PKey::DSA object.
# (This method is appeared in Michal Rokos's OpenSSL extension.)
attr_accessor :key
Expand Down

0 comments on commit 31af0da

Please sign in to comment.