Project

General

Profile

Feature #9758

Allow setting SSLContext#extra_chain_cert in Net::HTTP

Added by stouset (Stephen Touset) over 5 years ago. Updated 6 months ago.

Status:
Open
Priority:
Normal
Assignee:
openssl
Target version:
-
[ruby-core:62090]

Description

Currently, Net::HTTP can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, SSLContext supports
assigning to #extra_chain_cert=.

This adds support in Net::HTTP for exposing this underlying SSLContext
property to end-users.


Files

History

#1

Updated by zzak (Zachary Scott) about 4 years ago

  • Assignee set to openssl
#2

Updated by nobu (Nobuyoshi Nakada) about 4 years ago

  • Tracker changed from Bug to Feature
  • Description updated (diff)

Updated by stan3 (Tristan Hill) 10 months ago

any feedback on this?

Updated by kitchen (Jeremy Kitchen) 6 months ago

I would also love to know about this. I'm running into an issue right now where I'm trying to use ruby (specifically with rest-client, but it's just a wrapper around Net::HTTP) to call out to an API with a client certificate and need a certificate chain to go along with it. The problem is described very well here: https://medium.com/in-the-weeds/net-http-and-x509-client-certificate-chains-and-monkey-patches-oh-my-ea5258dcb697

Thanks!

Also available in: Atom PDF