Setup a cert store for https connections so we can set the default paths

Nathan Sutton · Nathan Sutton · commit 09b97434cabf · 2014-07-31T15:30:08.000-05:00
diff --git a/lib/zencoder/http/net_http.rb b/lib/zencoder/http/net_http.rb
@@ -62,10 +62,17 @@ def http
             http.verify_mode = OpenSSL::SSL::VERIFY_NONE
           else
             http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-          end
 
-          http.ca_file = ca_file if ca_file
-          http.ca_path = ca_path if ca_path
+            http.cert_store = OpenSSL::X509::Store.new
+            http.cert_store.set_default_paths
+
+            if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
+              http.cert_store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
+            end
+
+            http.cert_store.add_file(ca_file) if ca_file
+            http.cert_store.add_path(ca_path) if ca_path
+          end
         end
 
         http
