lib/berkshelf/source.rb in berkshelf-5.2.0 vs lib/berkshelf/source.rb in berkshelf-5.3.0
- old
+ new
@@ -1,6 +1,8 @@
require 'berkshelf/api-client'
+require 'berkshelf/ssl_policies'
+require 'openssl'
module Berkshelf
class Source
include Comparable
@@ -10,14 +12,21 @@
def initialize(source)
@source = source
@universe = nil
end
+ def ssl_policy
+ @ssl_policy ||= SSLPolicy.new
+ end
+
def api_client
@api_client ||= begin
+ ssl_options = {verify: Berkshelf::Config.instance.ssl.verify}
+ ssl_options[:cert_store] = ssl_policy.store if ssl_policy.store
+
if source == :chef_server
APIClient.chef_server(
- ssl: Berkshelf::Config.instance.ssl,
+ ssl: ssl_options,
timeout: api_timeout,
open_timeout: [(api_timeout / 10), 3].max,
client_name: Berkshelf::Config.instance.chef.node_name,
server_url: Berkshelf::Config.instance.chef.chef_server_url,
client_key: Berkshelf::Config.instance.chef.client_key,