Ruby » Ruby master

Use Case:¶

I want to connect to an HTTP(S) server (using Net::HTTP) that cannot connect with security level¹ 2 and needs to specify security level 1.
My server is a newer debian (docker image ruby:3.0.3, based on debian bullseye) and I need to change the configuration in /etc/ssl/openssl.cnf to do the above.
And I really don't want to do that, because it affects other SSL communication between my server and other servers.

So it would be nice if there is a Net::HTTP#security_level= that can change the OpenSSL::SSL::SSLContext instance, just like we already have Net::HTTP#max_version=.

Note that similar information has been posted² to the mailing list in the past.

1. https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html ↩

2. http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-list/50825 ↩