summaryrefslogtreecommitdiff
path: root/lib/custodian/protocoltest/http.rb
diff options
context:
space:
mode:
authorSteve Kemp <steve@steve.org.uk>2016-07-18 12:30:45 +0300
committerSteve Kemp <steve@steve.org.uk>2016-07-18 12:30:45 +0300
commit16102f6c0e83bf6c4ae6c7684fe915488be52601 (patch)
tree1930991465ceb165891b20b23a217490d1ef9c4e /lib/custodian/protocoltest/http.rb
parent7be828224637af7cdfdb43c000c8d401740abd4f (diff)
Fallback to using `openssl` if we can't get certificates.
Since the ruby version available to wheezy doesn't support TLS 1.2 fetching the certificate from remote HTTPS servers will fail, if that is all that is available. If we hit that condition, and only that one, we'll fall back to invoking `openssl` natively. This will allow us to monitor expiration-time for remote SSL certificates, but the downside is that we no longr receive the bundle that the remote server might send - so we cannot validate the signature chain. This closes #2.
Diffstat (limited to 'lib/custodian/protocoltest/http.rb')
0 files changed, 0 insertions, 0 deletions