https://redmine.ruby-lang.org/https://redmine.ruby-lang.org/favicon.ico?17113305112015-09-13T03:27:04ZRuby Issue Tracking SystemRuby master - Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTPhttps://redmine.ruby-lang.org/issues/9758?journal_id=541672015-09-13T03:27:04Zzzak (zzak _)
<ul><li><strong>Assignee</strong> set to <i>7150</i></li></ul> Ruby master - Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTPhttps://redmine.ruby-lang.org/issues/9758?journal_id=541822015-09-13T05:35:11Znobu (Nobuyoshi Nakada)nobu@ruby-lang.org
<ul><li><strong>Tracker</strong> changed from <i>Bug</i> to <i>Feature</i></li><li><strong>Description</strong> updated (<a title="View differences" href="/journals/54182/diff?detail_id=38946">diff</a>)</li></ul> Ruby master - Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTPhttps://redmine.ruby-lang.org/issues/9758?journal_id=752502018-11-28T17:54:54Zstan3 (Tristan Hill)tristan@saticed.me.uk
<ul></ul><p>any feedback on this?</p> Ruby master - Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTPhttps://redmine.ruby-lang.org/issues/9758?journal_id=771452019-03-18T22:12:15Zkitchen (Jeremy Kitchen)kitchen@kitchen.io
<ul></ul><p>I would also love to know about this. I'm running into an issue right now where I'm trying to use ruby (specifically with rest-client, but it's just a wrapper around Net::HTTP) to call out to an API with a client certificate and need a certificate chain to go along with it. The problem is described very well here: <a href="https://medium.com/in-the-weeds/net-http-and-x509-client-certificate-chains-and-monkey-patches-oh-my-ea5258dcb697" class="external">https://medium.com/in-the-weeds/net-http-and-x509-client-certificate-chains-and-monkey-patches-oh-my-ea5258dcb697</a></p>
<p>Thanks!</p> Ruby master - Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTPhttps://redmine.ruby-lang.org/issues/9758?journal_id=830502019-12-09T20:18:04Zdanielc192 (Daniel Cohen)danielc192@gmail.com
<ul></ul><p>This change is still blocking X509 certificate presentation with Net::HTTP, specifically when an intermediate certificate is required. The current workaround is to create a mixin for the Net::HTTP module (see the blog post linked in the previous comment), but this isn't a great long term solution. Is there another, less hacky way to solve this?</p>
<p>This issue has been open for nearly 5 years. Other than the patch being outdated, is there a reason this hasn't been merged? I'm happy to update the patch and resubmit, if that's the only obstacle.</p>
<p>Thanks!</p> Ruby master - Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTPhttps://redmine.ruby-lang.org/issues/9758?journal_id=855132020-05-12T03:56:41ZAnonymous
<ul><li><strong>Status</strong> changed from <i>Open</i> to <i>Closed</i></li></ul><p>Applied in changeset <a class="changeset" title="Expose SSLContext#extra_chain_cert in Net::HTTP Currently, Net::HTTP can only send a single SSL ..." href="https://redmine.ruby-lang.org/projects/ruby-master/repository/git/revisions/31af0dafba6d3769d2a39617c0dddedb97883712">git|31af0dafba6d3769d2a39617c0dddedb97883712</a>.</p>
<hr>
<p>Expose SSLContext#extra_chain_cert in Net::HTTP</p>
<p>Currently, Net::HTTP can only send a single SSL certificate when it<br>
establishes a connection. Some use-cases involve sending an entire<br>
certificate chain to the destination; for this, SSLContext supports<br>
assigning to #extra_chain_cert=.</p>
<p>This adds support in Net::HTTP for exposing this underlying SSLContext<br>
property to end-users. [Feature <a class="issue tracker-2 status-5 priority-4 priority-default closed" title="Feature: Allow setting SSLContext#extra_chain_cert in Net::HTTP (Closed)" href="https://redmine.ruby-lang.org/issues/9758">#9758</a>]</p>