Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow mutual TLS CA to be set using ssl_bind DSL #1689

Merged
merged 1 commit into from
Mar 11, 2019
Merged

Allow mutual TLS CA to be set using ssl_bind DSL #1689

merged 1 commit into from
Mar 11, 2019

Conversation

michaelherold
Copy link
Contributor

When using mutual TLS, you must specify the CA certificate chain to use
for verifying the peer. Using Puma's ssl_bind DSL did not give you the
option of doing so, which lead to confusing errors when attempting to
use it.

Now, when specifying the verify_mode as either peer or force_peer,
you can use the DSL to set the ca value as needed within the Binder.
This allows you to use the DSL instead of falling back to the default
bind syntax via the URI-style configuration pattern.

@evanphx
Copy link
Member

evanphx commented Feb 20, 2019

Could you rebase this on master? There have been a few fixes around this code merged lately.

@michaelherold
Allow mutual TLS CA to be set using ssl_bind DSL
5a92683 
When using mutual TLS, you must specify the CA certificate chain to use
for verifying the peer. Using Puma's `ssl_bind` DSL did not give you the
option of doing so, which lead to confusing errors when attempting to
use it.

Now, when specifying the `verify_mode` as either `peer` or `force_peer`,
you can use the DSL to set the `ca` value as needed within the `Binder`.
This allows you to use the DSL instead of falling back to the default
`bind` syntax via the URI-style configuration pattern.
@michaelherold
Copy link
Contributor Author

Done!

@evanphx evanphx merged commit 6568aae into puma:master Mar 11, 2019
@michaelherold michaelherold deleted the allow-ca-to-be-set-in-bind-dsl branch December 10, 2019 16:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@michaelherold @evanphx