-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow setting min/max SSL version for a connection on Ruby 2.5 #2775
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bdewater
force-pushed
the
ssl-minmax-version
branch
from
March 19, 2018 14:56
0f9d8b1
to
b98fa73
Compare
bdewater
force-pushed
the
ssl-minmax-version
branch
2 times, most recently
from
March 20, 2018 19:58
152cff1
to
55804fc
Compare
bdewater
force-pushed
the
ssl-minmax-version
branch
from
April 6, 2018 14:58
55804fc
to
8cf1bb1
Compare
Rebased now that Travis is running 2.5 tests. I've added a rake task similar to the SSL certificate verification one to test the version negotiation. It requires Ruby 2.5. Output:
So far |
bdewater
force-pushed
the
ssl-minmax-version
branch
2 times, most recently
from
April 6, 2018 16:41
fa086f3
to
c4b782b
Compare
The configuration on the Net::HTTP object is passed through to OpenSSL::SSLContext
…ion requirement TLS 1.0 will not be allowed after 30 June: https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls
bdewater
force-pushed
the
ssl-minmax-version
branch
from
April 6, 2018 16:44
c4b782b
to
04aabe6
Compare
jasonwebster
approved these changes
Apr 19, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The configuration on the Net::HTTP object is passed through to OpenSSL::SSLContext. The functionality in the OpenSSL gem was introduced in ruby/openssl#142
This is useful for the upcoming expiry of the PCI DSS TLS 1.0 exemption (see #2774) to configure a minimum version from the client side as well.