An SSLContext is used to set various options regarding certificates, algorithms, verification, session caching, etc. The SSLContext is used to create an SSLSocket.
All attributes must be set before creating an SSLSocket as the SSLContext will be frozen afterward.
The following attributes are available but don’t show up in rdoc:
-
ssl_version, cert, key, client_ca, ca_file, ca_path, timeout,
-
verify_mode, verify_depth client_cert_cb, tmp_dh_callback,
-
session_id_context, session_add_cb, session_new_cb, session_remove_cb
Constants
DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
DEFAULT_PARAMS = {\n:ssl_version => "SSLv23",\n:verify_mode => OpenSSL::SSL::VERIFY_PEER,\n:ciphers => %w{\nECDHE-ECDSA-AES128-GCM-SHA256\nECDHE-RSA-AES128-GCM-SHA256\nECDHE-ECDSA-AES256-GCM-SHA384\nECDHE-RSA-AES256-GCM-SHA384\nDHE-RSA-AES128-GCM-SHA256\nDHE-DSS-AES128-GCM-SHA256\nDHE-RSA-AES256-GCM-SHA384\nDHE-DSS-AES256-GCM-SHA384\nECDHE-ECDSA-AES128-SHA256\nECDHE-RSA-AES128-SHA256\nECDHE-ECDSA-AES128-SHA\nECDHE-RSA-AES128-SHA\nECDHE-ECDSA-AES256-SHA384\nECDHE-RSA-AES256-SHA384\nECDHE-ECDSA-AES256-SHA\nECDHE-RSA-AES256-SHA\nDHE-RSA-AES128-SHA256\nDHE-RSA-AES256-SHA256\nDHE-RSA-AES128-SHA\nDHE-RSA-AES256-SHA\nDHE-DSS-AES128-SHA256\nDHE-DSS-AES256-SHA256\nDHE-DSS-AES128-SHA\nDHE-DSS-AES256-SHA\nAES128-GCM-SHA256\nAES256-GCM-SHA384\nAES128-SHA256\nAES256-SHA256\nAES128-SHA\nAES256-SHA\nECDHE-ECDSA-RC4-SHA\nECDHE-RSA-RC4-SHA\nRC4-SHA\n}.join(":"),\n:options => -> {\nopts = OpenSSL::SSL::OP_ALL\nopts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)\nopts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)\nopts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)\nopts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)\nopts\n}.call\n}
METHODS = ary
SESSION_CACHE_BOTH = LONG2FIX(SSL_SESS_CACHE_BOTH)
SESSION_CACHE_CLIENT = LONG2FIX(SSL_SESS_CACHE_CLIENT)
SESSION_CACHE_NO_AUTO_CLEAR = LONG2FIX(SSL_SESS_CACHE_NO_AUTO_CLEAR)
SESSION_CACHE_NO_INTERNAL = LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL)
SESSION_CACHE_NO_INTERNAL_LOOKUP = LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)
SESSION_CACHE_NO_INTERNAL_STORE = LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_STORE)
SESSION_CACHE_OFF = LONG2FIX(SSL_SESS_CACHE_OFF)
SESSION_CACHE_SERVER = LONG2FIX(SSL_SESS_CACHE_SERVER)
Attributes
| [RW] | ca_file |
| [RW] | ca_path |
| [RW] | cert |
| [RW] | cert_store |
| [RW] | client_ca |
| [RW] | client_cert_cb |
| [RW] | extra_chain_cert |
| [RW] | key |
| [RW] | npn_protocols |
| [RW] | npn_select_cb |
| [RW] | options |
| [RW] | renegotiation_cb |
| [RW] | servername_cb |
| [RW] | session_get_cb |
| [RW] | session_id_context |
| [RW] | session_new_cb |
| [RW] | session_remove_cb |
| [RW] | ssl_timeout |
| [RW] | timeout |
| [RW] | tmp_dh_callback |
| [RW] | verify_callback |
| [RW] | verify_depth |
| [RW] | verify_mode |
Files
- ext/openssl/lib/openssl/ssl.rb
- ext/openssl/ossl_ssl.c