Sha256: 8a807628c3804dea2d12f747dad801cc9a43b0af3cff4fb8034ed66a7d8c3fdd

Contents?: true

Size: 999 Bytes

Versions: 4

Compression:

Stored size: 999 Bytes

Contents

module SSLCheck
  module Validators
    class CABundle < GenericValidator
      def validate
        return nil if verified_certificate?
        SSLCheck::Errors::Validation::CABundleVerification.new({:name => "Certificate Authority Verification", :message => "The Certificate could not be verified using the supplied Certificate Authority (CA) Bundle."})
      end

    private
      def verified_certificate?
        return false if @ca_bundle.empty?

        store = OpenSSL::X509::Store.new
        store.set_default_paths

        begin
          store.add_file File.join(SSL_CHECK_ROOT_DIR,'ca-bundle', 'ca-bundle.crt')
        rescue OpenSSL::X509::StoreError
          # If the certificate is already present,
          # we don't really care
        end

        @ca_bundle.each do |ca_cert|
          begin
            store.add_cert ca_cert.to_x509
          rescue OpenSSL::X509::StoreError
          end
        end

        store.verify(@peer_cert.to_x509)
      end
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
sslcheck-0.9.9.1 lib/sslcheck/validators/ca_bundle.rb
sslcheck-0.9.9 lib/sslcheck/validators/ca_bundle.rb
sslcheck-0.9.6 lib/sslcheck/validators/ca_bundle.rb
sslcheck-0.9.5 lib/sslcheck/validators/ca_bundle.rb