Project

General

Profile

Actions

Feature #18418

open

Add Net::HTTP#security_level=

Added by hoshinotsuyoshi (tsuyoshi hoshino) 5 months ago.

Status:
Open
Priority:
Normal
Assignee:
-
Target version:
-
[ruby-core:106733]

Description

Use Case:

I want to connect to an HTTP(S) server (using Net::HTTP) that cannot connect with security level1 2 and needs to specify security level 1.
My server is a newer debian (docker image ruby:3.0.3, based on debian bullseye) and I need to change the configuration in /etc/ssl/openssl.cnf to do the above.
And I really don't want to do that, because it affects other SSL communication between my server and other servers.


So it would be nice if there is a Net::HTTP#security_level= that can change the OpenSSL::SSL::SSLContext instance, just like we already have Net::HTTP#max_version=.

Note that similar information has been posted2 to the mailing list in the past.

  1. https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html

  2. http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-list/50825


Files

http_security_level.patch (817 Bytes) http_security_level.patch hoshinotsuyoshi (tsuyoshi hoshino), 12/19/2021 11:54 AM

No data to display

Actions

Also available in: Atom PDF