examples/ssl_uc2.rb in stomp-1.2.2 vs examples/ssl_uc2.rb in stomp-1.2.3

@@ -1,30 +1,36 @@
 #
-# Reference: https://github.com/morellon/stomp/wiki/extended-ssl-overview
+# Reference: https://github.com/stompgem/stomp/wiki/extended-ssl-overview
 #
 require "rubygems"
 require "stomp"
 #
-# SSL Use Case 2
+# SSL Use Case 2 - server does *not* authenticate client, client *does* authenticate server
 #
-ssl_opts = Stomp::SSLParams.new(:key_file => "/home/gmallard/sslwork/twocas_tj/clientCA/ClientTJ.key",
-  :cert_file => "/home/gmallard/sslwork/twocas_tj/clientCA/ClientTJ.crt")
-
+# Subcase 2.A - Message broker configuration does *not* require client authentication
 #
+# - Expect connection success
+# - Expect a verify result of 0 becuase the client did authenticate the
+#   server's certificate.
+#
+# Subcase 2.B - Message broker configuration *does* require client authentication
+#
+# - Expect connection failure (broker must be sent a valid client certificate)
+#
+ts_flist = []
+ts_flist << "/home/gmallard/sslwork/twocas_tj/serverCA/ServerTJCA.crt"
+ssl_opts = Stomp::SSLParams.new(:ts_files => ts_flist.join(","))
+#
 hash = { :hosts => [ 
       {:login => 'guest', :passcode => 'guest', :host => 'localhost', :port => 61612, :ssl => ssl_opts},
-      ]
+      ],
+    :reliable => false, # YMMV, to test this in a sane manner
     }
 #
 puts "Connect starts, SSL Use Case 2"
 c = Stomp::Connection.new(hash)
 puts "Connect completed"
-#
-# Expect a verify_result == 20
-#
-# This means: the client did not verify the peer's certificate, but the 
-# handshake succeeds, and the connection is allowed.
-#
 puts "SSL Verify Result: #{ssl_opts.verify_result}"
-puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}"
+# puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}"
 c.disconnect
+