From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS4713 221.184.0.0/13 X-Spam-Status: No, score=-2.6 required=3.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, FORGED_GMAIL_RCVD,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS shortcircuit=no autolearn=no autolearn_force=no version=3.4.2 Received: from neon.ruby-lang.org (neon.ruby-lang.org [221.186.184.75]) by dcvr.yhbt.net (Postfix) with ESMTP id 2F56D1F463 for ; Mon, 9 Dec 2019 20:18:18 +0000 (UTC) Received: from neon.ruby-lang.org (localhost [IPv6:::1]) by neon.ruby-lang.org (Postfix) with ESMTP id 234B3120A9A; Tue, 10 Dec 2019 05:18:03 +0900 (JST) Received: from xtrwkhkc.outbound-mail.sendgrid.net (xtrwkhkc.outbound-mail.sendgrid.net [167.89.16.28]) by neon.ruby-lang.org (Postfix) with ESMTPS id B4BF9120A80 for ; Tue, 10 Dec 2019 05:18:00 +0900 (JST) Received: by filter0129p3las1.sendgrid.net with SMTP id filter0129p3las1-7095-5DEEABFD-1E 2019-12-09 20:18:05.572212881 +0000 UTC m=+1715205.467361090 Received: from herokuapp.com (unknown [54.88.243.118]) by ismtpd0036p1mdw1.sendgrid.net (SG) with ESMTP id ApXa7N5hRwONpdOg_XVQdw for ; Mon, 09 Dec 2019 20:18:05.521 +0000 (UTC) Date: Mon, 09 Dec 2019 20:18:05 +0000 (UTC) From: danielc192@gmail.com Message-ID: References: Mime-Version: 1.0 X-Redmine-MailingListIntegration-Message-Ids: 71821 X-Redmine-Project: ruby-trunk X-Redmine-Issue-Id: 9758 X-Redmine-Issue-Author: stouset X-Redmine-Issue-Assignee: X-Redmine-Sender: danielc192 X-Mailer: Redmine X-Redmine-Host: bugs.ruby-lang.org X-Redmine-Site: Ruby Issue Tracking System X-Auto-Response-Suppress: All Auto-Submitted: auto-generated X-SG-EID: =?us-ascii?Q?kGibFU8ncdrqH4+FgFS5siHTl3ZqcjDzU=2FOPCuTNAqmw4nSHnbs+HPMgQhkYpV?= =?us-ascii?Q?b7wtqO0e6v+9d=2F5hLvpzvymGdLGg4F0iRPDChJR?= =?us-ascii?Q?H4963C0tLPf3b5VSTvRrwkusgnx0Kxtetl39NUI?= =?us-ascii?Q?knW=2FxzlQpmFpni+QmpebcU52Dl0ch2TB1dNq+RE?= =?us-ascii?Q?+dj0=2FZzxDos0KkQ5lLm6lFBzBfq0RUJo7Kw=3D=3D?= To: ruby-core@ruby-lang.org X-ML-Name: ruby-core X-Mail-Count: 96174 Subject: [ruby-core:96174] [Ruby master Feature#9758] Allow setting SSLContext#extra_chain_cert in Net::HTTP X-BeenThere: ruby-core@ruby-lang.org X-Mailman-Version: 2.1.15 Precedence: list Reply-To: Ruby developers List-Id: Ruby developers List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ruby-core-bounces@ruby-lang.org Sender: "ruby-core" Issue #9758 has been updated by danielc192 (Daniel Cohen). This change is still blocking X509 certificate presentation with Net::HTTP, specifically when an intermediate certificate is required. The current workaround is to create a mixin for the Net::HTTP module (see the blog post linked in the previous comment), but this isn't a great long term solution. Is there another, less hacky way to solve this? This issue has been open for nearly 5 years. Other than the patch being outdated, is there a reason this hasn't been merged? I'm happy to update the patch and resubmit, if that's the only obstacle. Thanks! ---------------------------------------- Feature #9758: Allow setting SSLContext#extra_chain_cert in Net::HTTP https://bugs.ruby-lang.org/issues/9758#change-83050 * Author: stouset (Stephen Touset) * Status: Open * Priority: Normal * Assignee: openssl * Target version: ---------------------------------------- Currently, `Net::HTTP` can only send a single SSL certificate when it establishes a connection. Some use-cases involve sending an entire certificate chain to the destination; for this, `SSLContext` supports assigning to `#extra_chain_cert=`. This adds support in `Net::HTTP` for exposing this underlying `SSLContext` property to end-users. ---Files-------------------------------- 0001-Expose-SSLContext-extra_chain_cert-in-Net-HTTP.patch (1.54 KB) -- https://bugs.ruby-lang.org/