Document our approach to SSL preflighting

2025-09-22 00:00:31 -04:00 · 2014-04-10 12:44:16 -07:00 · 2014-04-10 12:44:16 -07:00 · 48f76057f4
commit 48f76057f4
parent e6850316f7
1 changed files with 8 additions and 0 deletions
--- a/lib/stripe/certificate_blacklist.rb
+++ b/lib/stripe/certificate_blacklist.rb
@ -13,6 +13,14 @@ module Stripe
      ]
    }

+    # Preflight the SSL certificate presented by the backend. This isn't 100%
+    # bulletproof, in that we're not actually validating the transport used to
+    # communicate with Stripe, merely that the first attempt to does not use a
+    # revoked certificate.
+
+    # Unfortunately the interface to OpenSSL doesn't make it easy to check the
+    # certificate before sending potentially sensitive data on the wire. This
+    # approach raises the bar for an attacker significantly.

    def self.check_ssl_cert(uri, ca_file)
      uri = URI.parse(uri)