diff options
author | Steve Kemp <steve@steve.org.uk> | 2016-07-18 12:30:45 +0300 |
---|---|---|
committer | Steve Kemp <steve@steve.org.uk> | 2016-07-18 12:30:45 +0300 |
commit | 16102f6c0e83bf6c4ae6c7684fe915488be52601 (patch) | |
tree | 1930991465ceb165891b20b23a217490d1ef9c4e /t | |
parent | 7be828224637af7cdfdb43c000c8d401740abd4f (diff) |
Fallback to using `openssl` if we can't get certificates.
Since the ruby version available to wheezy doesn't support TLS 1.2
fetching the certificate from remote HTTPS servers will fail, if
that is all that is available.
If we hit that condition, and only that one, we'll fall back to
invoking `openssl` natively. This will allow us to monitor
expiration-time for remote SSL certificates, but the downside is
that we no longr receive the bundle that the remote server might
send - so we cannot validate the signature chain.
This closes #2.
Diffstat (limited to 't')
0 files changed, 0 insertions, 0 deletions