sharpetronics/faraday
1
0
Fork 0
mirror of https://github.com/lostisland/faraday.git synced 2025-08-29 00:03:58 -04:00
Code Issues Projects Releases Wiki Activity

Use the default system CA certs if available

Browse Source
This commit is contained in:
James Tucker 2011-08-25 23:40:17 -07:00
parent e7ccce1c8c
commit 209f07cb01
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/faraday/adapter/net_http.rb
View File

@ -17,8 +17,18 @@ module Faraday
if http.use_ssl = (url.scheme == 'https' && (ssl = env[:ssl]) && true)
http.verify_mode = ssl[:verify_mode] || begin
ssl.fetch(:verify, true) ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
if ssl.fetch(:verify, true)
OpenSSL::SSL::VERIFY_PEER
# Use the default cert store by default, i.e. system ca certs
store = OpenSSL::X509::Store.new
store.set_default_paths
http.cert_store = store
OpenSSL::SSL::VERIFY_PEER
else
OpenSSL::SSL::VERIFY_NONE
end
end
http.cert = ssl[:client_cert] if ssl[:client_cert]
http.key = ssl[:client_key] if ssl[:client_key]
http.ca_file = ssl[:ca_file] if ssl[:ca_file]