Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Send client certificate even when ssl_verify_mode is :none #81

Closed
lgustafson opened this issue Jan 19, 2013 · 3 comments
Closed

Send client certificate even when ssl_verify_mode is :none #81

lgustafson opened this issue Jan 19, 2013 · 3 comments
Milestone
v2.1.0

Comments

@lgustafson
Copy link
Contributor

In httpi 2.0.0, httpi disables the use of client certificates when request.auth.ssl.verify_mode is set to :none. This can cause problems when a server requires a client-side certificate but the server itself uses a certificate with "problems" (ie. self-signed or expired). The client should always be able to send a certificate even if the server certificate has problems.

It appears the issue is in each of the adapters in HTTPI::Adapter in the setup_ssl_auth method. This problem is present in at least the Net::HTTP and Curb (have not tried the others yet).
@lgustafson lgustafson mentioned this issue Jan 19, 2013
Merged
rogerleite added a commit that referenced this issue Feb 11, 2013
@rogerleite
Merge pull request #82 from lgustafson/client-ssl-fix
d2838a4 
Send client-side certificates (if present) regardless of the state of ssl verify_mode (Fix for issue #81)
@rubiii
Copy link
Contributor

rubiii commented Feb 11, 2013

added a note to the changelog.

@rogerleite
Copy link
Member

thks!

@rogerleite rogerleite mentioned this issue Jul 2, 2013
Closed
@rubiii rubiii mentioned this issue Jul 20, 2013
Closed
27 tasks
@rubiii
Copy link
Contributor

rubiii commented Jul 22, 2013

released with version 2.1.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
v2.1.0
Development

No branches or pull requests
3 participants
@rogerleite @rubiii @lgustafson