class OpenSSL::SSL::Context::Client
Defined in:
openssl/ssl/context.crConstructors
-
.from_hash(params) : self
Configures a client context from a hash-like interface.
-
.insecure(method : LibSSL::SSLMethod = Context.default_method) : self
Returns a new TLS client context with only the given method set.
-
.new(method : LibSSL::SSLMethod = Context.default_method)
Generates a new TLS client context with sane defaults for a client connection.
Instance methods inherited from class OpenSSL::SSL::Context
add_modes(mode : OpenSSL::SSL::Modes)
add_modes,
add_options(options : OpenSSL::SSL::Options)
add_options,
add_x509_verify_flags(flags : OpenSSL::SSL::X509VerifyFlags)
add_x509_verify_flags,
alpn_protocol=(protocol : String)
alpn_protocol=,
ca_certificates=(file_path : String)
ca_certificates=,
ca_certificates_path=(dir_path : String)
ca_certificates_path=,
certificate_chain=(file_path : String)
certificate_chain=,
cipher_suites=(cipher_suites : String)
cipher_suites=,
ciphers=(ciphers : String)
ciphers=,
default_verify_param=(name : String)
default_verify_param=,
finalize
finalize,
modes : LibSSL::Modes
modes,
options : LibSSL::Options
options,
private_key=(file_path : String)
private_key=,
remove_modes(mode : OpenSSL::SSL::Modes)
remove_modes,
remove_options(options : OpenSSL::SSL::Options)
remove_options,
security_level : Int32
security_level,
security_level=(value : Int32)
security_level=,
set_default_verify_paths
set_default_verify_paths,
set_intermediate_ciphers
set_intermediate_ciphers,
set_modern_ciphers
set_modern_ciphers,
set_old_ciphers
set_old_ciphers,
set_tmp_ecdh_key(curve = LibCrypto::NID_X9_62_prime256v1) : Nil
set_tmp_ecdh_key,
to_unsafe : LibSSL::SSLContext
to_unsafe,
verify_mode : LibSSL::VerifyMode
verify_mode,
verify_mode=(mode : OpenSSL::SSL::VerifyMode)
verify_mode=
Instance methods inherited from class Reference
==(other : self)==(other : JSON::Any)
==(other : YAML::Any)
==(other) ==, dup dup, hash(hasher) hash, initialize initialize, inspect(io : IO) : Nil inspect, object_id : UInt64 object_id, pretty_print(pp) : Nil pretty_print, same?(other : Reference) : Bool
same?(other : Nil) same?, to_s(io : IO) : Nil to_s
Constructor methods inherited from class Reference
new
new,
unsafe_construct(address : Pointer, *args, **opts) : self
unsafe_construct
Class methods inherited from class Reference
pre_initialize(address : Pointer)
pre_initialize
Instance methods inherited from class Object
! : Bool
!,
!=(other)
!=,
!~(other)
!~,
==(other)
==,
===(other : JSON::Any)===(other : YAML::Any)
===(other) ===, =~(other) =~, as(type : Class) as, as?(type : Class) as?, class class, dup dup, hash(hasher)
hash hash, in?(collection : Object) : Bool
in?(*values : Object) : Bool in?, inspect(io : IO) : Nil
inspect : String inspect, is_a?(type : Class) : Bool is_a?, itself itself, nil? : Bool nil?, not_nil!(message)
not_nil! not_nil!, pretty_inspect(width = 79, newline = "\n", indent = 0) : String pretty_inspect, pretty_print(pp : PrettyPrint) : Nil pretty_print, responds_to?(name : Symbol) : Bool responds_to?, tap(&) tap, to_json(io : IO) : Nil
to_json : String to_json, to_pretty_json(indent : String = " ") : String
to_pretty_json(io : IO, indent : String = " ") : Nil to_pretty_json, to_s(io : IO) : Nil
to_s : String to_s, to_yaml(io : IO) : Nil
to_yaml : String to_yaml, try(&) try, unsafe_as(type : T.class) forall T unsafe_as
Class methods inherited from class Object
from_json(string_or_io, root : String)from_json(string_or_io) from_json, from_yaml(string_or_io : String | IO) from_yaml
Macros inherited from class Object
class_getter(*names, &block)
class_getter,
class_getter!(*names)
class_getter!,
class_getter?(*names, &block)
class_getter?,
class_property(*names, &block)
class_property,
class_property!(*names)
class_property!,
class_property?(*names, &block)
class_property?,
class_setter(*names)
class_setter,
def_clone
def_clone,
def_equals(*fields)
def_equals,
def_equals_and_hash(*fields)
def_equals_and_hash,
def_hash(*fields)
def_hash,
delegate(*methods, to object)
delegate,
forward_missing_to(delegate)
forward_missing_to,
getter(*names, &block)
getter,
getter!(*names)
getter!,
getter?(*names, &block)
getter?,
property(*names, &block)
property,
property!(*names)
property!,
property?(*names, &block)
property?,
setter(*names)
setter
Constructor Detail
Configures a client context from a hash-like interface.
require "openssl"
context = OpenSSL::SSL::Context::Client.from_hash({"key" => "private.key", "cert" => "certificate.crt", "ca" => "ca.pem"})
Params:
key
(required): Path to private key file. See#private_key=
.cert
(required): Path to the file containing the public certificate chain. See#certificate_chain=
.verify_mode
: Eitherpeer
,force-peer
,none
or empty (default:peer
). Seeverify_mode=
.ca
: Path to a file containing the CA certificate chain or a directory containing all CA certificates. See#ca_certificates=
and#ca_certificates_path=
, respectively. Required ifverify_mode
ispeer
,force-peer
or empty.
Returns a new TLS client context with only the given method set.
For everything else this uses the defaults of your OpenSSL.
Use this only if undoing the defaults that .new
sets is too much hassle.
Generates a new TLS client context with sane defaults for a client connection.
Defaults to TLS_method
or SSLv23_method
(depending on OpenSSL version)
which tells OpenSSL to negotiate the TLS or SSL protocol with the remote
endpoint.
Don't change the method unless you must restrict a specific protocol to be used (eg: TLSv1.2) and nothing else. You should specify options to disable specific protocols, yet allow to negotiate from various other ones. For example the following snippet will enable the TLSv1, TLSv1.1 and TLSv1.2 protocols but disable the deprecated SSLv2 and SSLv3 protocols:
require "openssl"
context = OpenSSL::SSL::Context::Client.new
context.add_options(OpenSSL::SSL::Options::NO_SSL_V2 | OpenSSL::SSL::Options::NO_SSL_V3)