lib/berkshelf.rb in berkshelf-5.2.0 vs lib/berkshelf.rb in berkshelf-5.3.0

@@ -116,18 +116,29 @@
     # @return [~Formatter]
     def formatter
       @formatter ||= HumanFormatter.new
     end
 
+    def ssl_policy
+      @ssl_policy ||= SSLPolicy.new
+    end
+
     # @raise [Berkshelf::ChefConnectionError]
     def ridley_connection(options = {}, &block)
-      ridley_options               = options.slice(:ssl)
+      ssl_options              = {}
+      ssl_options[:verify]     = if options[:ssl_verify].nil?
+                                   Berkshelf.config.ssl.verify
+                                 else
+                                   options[:ssl_verify]
+                                 end
+      ssl_options[:cert_store] = ssl_policy.store if ssl_policy.store
 
+      ridley_options               = options.slice(:ssl)
       ridley_options[:server_url]  = options[:server_url] || Berkshelf.config.chef.chef_server_url
       ridley_options[:client_name] = options[:client_name] || Berkshelf.config.chef.node_name
       ridley_options[:client_key]  = options[:client_key] || Berkshelf.config.chef.client_key
-      ridley_options[:ssl]         = { verify: (options[:ssl_verify].nil?) ? Berkshelf.config.ssl.verify : options[:ssl_verify]}
+      ridley_options[:ssl]         = ssl_options
 
       unless ridley_options[:server_url].present?
         raise ChefConnectionError, 'Missing required attribute in your Berkshelf configuration: chef.server_url'
       end
 
@@ -205,9 +216,10 @@
 require_relative 'berkshelf/logger'
 require_relative 'berkshelf/resolver'
 require_relative 'berkshelf/source'
 require_relative 'berkshelf/source_uri'
 require_relative 'berkshelf/validator'
+require_relative 'berkshelf/ssl_policies'
 
 Ridley.logger          = Berkshelf.logger
 Berkshelf.logger.level = Logger::WARN
 Celluloid.logger.level = Logger::ERROR