How to set SSLContext options in Ruby

Question

I need to create an SSLSocket in Ruby 1.8+ to talk to an encrypted service. I want to set SSL options on the SSLContext object (it eventually calls SSL_CTX_set_options in the underlying OpenSSL library). I am not seeing any obvious way to do this.

This is using the OpenSSL::SSL::SSLContext interface.

As a point of reference, this is analogous to calling the set_options() in Python's pyOpenSSL library.

score 3 · Accepted Answer · answered Jan 16 '12 at 14:23

3

Example:

ctx = OpenSSL::SSL::SSLContext.new

ctx.set_params(:options => OpenSSL::SSL::OP_EPHEMERAL_RSA | OpenSSL::SSL::OP_NO_SSLv2)
# or
ctx.options = OpenSSL::SSL::OP_EPHEMERAL_RSA | OpenSSL::SSL::OP_NO_SSLv2

answered Jan 16 '12 at 14:23

qerub

1,497
15
11

Nice example. It beats the snot out of what the Ruby docs are providing. How do you attach the context to an `http` when `http.use_ssl = true`? – jww Jun 16 '14 at 08:43
@jww: Seems like there's no API for that yet: https://bugs.ruby-lang.org/issues/9450 *sigh* – qerub Jun 16 '14 at 12:15

How to set SSLContext options in Ruby

1 Answers1

Linked