httpclient icon indicating copy to clipboard operation
httpclient copied to clipboard

Published 20 hours ago verified publisher icon nahi

Fix CA configuration by SSL_CERT_DIR

Open febeling opened this issue 6 years ago • 5 comments

The environment variable SSL_CERT_DIR is documented to configure an alternative trust CA.

This expected behavior is documented in the SSLConfig module here. It doesn't take effect, though. When searching the library's code for SSL_CERT_DIR it doesn't occur.

This setting is important in cases when a user wants to use a debug proxy, the connection is encrypted, and the client code doesn't use httpclient directly, but through third-party API SDKs, e.g. the google-cloud-storage gem.

Fixes #369

febeling avatar Dec 28 '18 14:12 febeling

Note there is an alternative PR for this bug in #386.

febeling avatar Dec 28 '18 14:12 febeling

Test failures are unrelated to this change. The above mentioned PR states that test failures of master are due to expired fixture certificates.

I'll keep this change deliberately narrow, only fixing the problem at hand.

febeling avatar Dec 28 '18 14:12 febeling

@nahi Any thoughts on this fix?

febeling avatar Mar 12 '19 11:03 febeling

bump, would be good to get this in as it affects other gems, such as OpenIDConnect when attempting to perform discovery

vfazio avatar Jul 15 '19 13:07 vfazio

@nahi Please let me know if I can close, or if there's interest.

febeling avatar Dec 06 '20 20:12 febeling