* [ruby-core:62090] [ruby-trunk - Bug #9758] [Open] Allow setting SSLContext#extra_chain_cert in Net::HTTP
[not found] <redmine.issue-9758.20140418204743@ruby-lang.org>
@ 2014-04-18 20:47 ` stephen
2015-09-13 3:27 ` [ruby-core:70784] [Ruby trunk - Bug #9758] " zzak
` (4 subsequent siblings)
5 siblings, 0 replies; 6+ messages in thread
From: stephen @ 2014-04-18 20:47 UTC (permalink / raw)
To: ruby-core
Issue #9758 has been reported by Stephen Touset.
----------------------------------------
Bug #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTP
https://bugs.ruby-lang.org/issues/9758
* Author: Stephen Touset
* Status: Open
* Priority: Normal
* Assignee:
* Category: lib
* Target version: current: 2.2.0
* ruby -v: ruby 2.1.0p0 (2013-12-25 revision 44422) [x86_64-darwin12.0]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
Currently, Net::HTTP can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, SSLContext supports
assigning to #extra_chain_cert=.
This adds support in Net::HTTP for exposing this underlying SSLContext
property to end-users.
---Files--------------------------------
0001-Expose-SSLContext-extra_chain_cert-in-Net-HTTP.patch (1.54 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* [ruby-core:70784] [Ruby trunk - Bug #9758] Allow setting SSLContext#extra_chain_cert in Net::HTTP
[not found] <redmine.issue-9758.20140418204743@ruby-lang.org>
2014-04-18 20:47 ` [ruby-core:62090] [ruby-trunk - Bug #9758] [Open] Allow setting SSLContext#extra_chain_cert in Net::HTTP stephen
@ 2015-09-13 3:27 ` zzak
2015-09-13 5:35 ` [ruby-core:70797] [Ruby trunk - Feature " nobu
` (3 subsequent siblings)
5 siblings, 0 replies; 6+ messages in thread
From: zzak @ 2015-09-13 3:27 UTC (permalink / raw)
To: ruby-core
Issue #9758 has been updated by Zachary Scott.
Assignee set to openssl
----------------------------------------
Bug #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTP
https://bugs.ruby-lang.org/issues/9758#change-54167
* Author: Stephen Touset
* Status: Open
* Priority: Normal
* Assignee: openssl
* ruby -v: ruby 2.1.0p0 (2013-12-25 revision 44422) [x86_64-darwin12.0]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
Currently, Net::HTTP can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, SSLContext supports
assigning to #extra_chain_cert=.
This adds support in Net::HTTP for exposing this underlying SSLContext
property to end-users.
---Files--------------------------------
0001-Expose-SSLContext-extra_chain_cert-in-Net-HTTP.patch (1.54 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* [ruby-core:70797] [Ruby trunk - Feature #9758] Allow setting SSLContext#extra_chain_cert in Net::HTTP
[not found] <redmine.issue-9758.20140418204743@ruby-lang.org>
2014-04-18 20:47 ` [ruby-core:62090] [ruby-trunk - Bug #9758] [Open] Allow setting SSLContext#extra_chain_cert in Net::HTTP stephen
2015-09-13 3:27 ` [ruby-core:70784] [Ruby trunk - Bug #9758] " zzak
@ 2015-09-13 5:35 ` nobu
2018-11-28 17:54 ` [ruby-core:90130] [Ruby trunk Feature#9758] " tristan
` (2 subsequent siblings)
5 siblings, 0 replies; 6+ messages in thread
From: nobu @ 2015-09-13 5:35 UTC (permalink / raw)
To: ruby-core
Issue #9758 has been updated by Nobuyoshi Nakada.
Tracker changed from Bug to Feature
Description updated
----------------------------------------
Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTP
https://bugs.ruby-lang.org/issues/9758#change-54182
* Author: Stephen Touset
* Status: Open
* Priority: Normal
* Assignee: openssl
----------------------------------------
Currently, `Net::HTTP` can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, `SSLContext` supports
assigning to `#extra_chain_cert=`.
This adds support in `Net::HTTP` for exposing this underlying `SSLContext`
property to end-users.
---Files--------------------------------
0001-Expose-SSLContext-extra_chain_cert-in-Net-HTTP.patch (1.54 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* [ruby-core:90130] [Ruby trunk Feature#9758] Allow setting SSLContext#extra_chain_cert in Net::HTTP
[not found] <redmine.issue-9758.20140418204743@ruby-lang.org>
` (2 preceding siblings ...)
2015-09-13 5:35 ` [ruby-core:70797] [Ruby trunk - Feature " nobu
@ 2018-11-28 17:54 ` tristan
2019-03-18 22:12 ` [ruby-core:91877] " kitchen
2019-12-09 20:18 ` [ruby-core:96174] [Ruby master " danielc192
5 siblings, 0 replies; 6+ messages in thread
From: tristan @ 2018-11-28 17:54 UTC (permalink / raw)
To: ruby-core
Issue #9758 has been updated by stan3 (Tristan Hill).
sny feedback on this?
----------------------------------------
Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTP
https://bugs.ruby-lang.org/issues/9758#change-75250
* Author: stouset (Stephen Touset)
* Status: Open
* Priority: Normal
* Assignee: openssl
* Target version:
----------------------------------------
Currently, `Net::HTTP` can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, `SSLContext` supports
assigning to `#extra_chain_cert=`.
This adds support in `Net::HTTP` for exposing this underlying `SSLContext`
property to end-users.
---Files--------------------------------
0001-Expose-SSLContext-extra_chain_cert-in-Net-HTTP.patch (1.54 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* [ruby-core:91877] [Ruby trunk Feature#9758] Allow setting SSLContext#extra_chain_cert in Net::HTTP
[not found] <redmine.issue-9758.20140418204743@ruby-lang.org>
` (3 preceding siblings ...)
2018-11-28 17:54 ` [ruby-core:90130] [Ruby trunk Feature#9758] " tristan
@ 2019-03-18 22:12 ` kitchen
2019-12-09 20:18 ` [ruby-core:96174] [Ruby master " danielc192
5 siblings, 0 replies; 6+ messages in thread
From: kitchen @ 2019-03-18 22:12 UTC (permalink / raw)
To: ruby-core
Issue #9758 has been updated by kitchen (Jeremy Kitchen).
I would also love to know about this. I'm running into an issue right now where I'm trying to use ruby (specifically with rest-client, but it's just a wrapper around Net::HTTP) to call out to an API with a client certificate and need a certificate chain to go along with it. The problem is described very well here: https://medium.com/in-the-weeds/net-http-and-x509-client-certificate-chains-and-monkey-patches-oh-my-ea5258dcb697
Thanks!
----------------------------------------
Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTP
https://bugs.ruby-lang.org/issues/9758#change-77145
* Author: stouset (Stephen Touset)
* Status: Open
* Priority: Normal
* Assignee: openssl
* Target version:
----------------------------------------
Currently, `Net::HTTP` can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, `SSLContext` supports
assigning to `#extra_chain_cert=`.
This adds support in `Net::HTTP` for exposing this underlying `SSLContext`
property to end-users.
---Files--------------------------------
0001-Expose-SSLContext-extra_chain_cert-in-Net-HTTP.patch (1.54 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
* [ruby-core:96174] [Ruby master Feature#9758] Allow setting SSLContext#extra_chain_cert in Net::HTTP
[not found] <redmine.issue-9758.20140418204743@ruby-lang.org>
` (4 preceding siblings ...)
2019-03-18 22:12 ` [ruby-core:91877] " kitchen
@ 2019-12-09 20:18 ` danielc192
5 siblings, 0 replies; 6+ messages in thread
From: danielc192 @ 2019-12-09 20:18 UTC (permalink / raw)
To: ruby-core
Issue #9758 has been updated by danielc192 (Daniel Cohen).
This change is still blocking X509 certificate presentation with Net::HTTP, specifically when an intermediate certificate is required. The current workaround is to create a mixin for the Net::HTTP module (see the blog post linked in the previous comment), but this isn't a great long term solution. Is there another, less hacky way to solve this?
This issue has been open for nearly 5 years. Other than the patch being outdated, is there a reason this hasn't been merged? I'm happy to update the patch and resubmit, if that's the only obstacle.
Thanks!
----------------------------------------
Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTP
https://bugs.ruby-lang.org/issues/9758#change-83050
* Author: stouset (Stephen Touset)
* Status: Open
* Priority: Normal
* Assignee: openssl
* Target version:
----------------------------------------
Currently, `Net::HTTP` can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, `SSLContext` supports
assigning to `#extra_chain_cert=`.
This adds support in `Net::HTTP` for exposing this underlying `SSLContext`
property to end-users.
---Files--------------------------------
0001-Expose-SSLContext-extra_chain_cert-in-Net-HTTP.patch (1.54 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2019-12-09 20:18 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <redmine.issue-9758.20140418204743@ruby-lang.org>
2014-04-18 20:47 ` [ruby-core:62090] [ruby-trunk - Bug #9758] [Open] Allow setting SSLContext#extra_chain_cert in Net::HTTP stephen
2015-09-13 3:27 ` [ruby-core:70784] [Ruby trunk - Bug #9758] " zzak
2015-09-13 5:35 ` [ruby-core:70797] [Ruby trunk - Feature " nobu
2018-11-28 17:54 ` [ruby-core:90130] [Ruby trunk Feature#9758] " tristan
2019-03-18 22:12 ` [ruby-core:91877] " kitchen
2019-12-09 20:18 ` [ruby-core:96174] [Ruby master " danielc192
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).