class Berkshelf::SSLPolicy

def add_trusted_cert(cert)

def add_trusted_cert(cert)
  @store.add_cert(cert)
rescue OpenSSL::X509::StoreError => e
  raise e unless e.message.match(/cert already in hash table/)
end

def initialize

def initialize
  @store = OpenSSL::X509::Store.new.tap(&:set_default_paths)
  set_custom_certs if ::File.exist?(trusted_certs_dir)
end

def set_custom_certs

def set_custom_certs
  ::Dir.glob("#{trusted_certs_dir}/{*.crt,*.pem}").each do |cert|
    cert = OpenSSL::X509::Certificate.new(IO.read(cert))
    add_trusted_cert(cert)
  end
end

def trusted_certs_dir

def trusted_certs_dir
  config_dir = Berkshelf.config.chef.trusted_certs_dir.to_s.tr("\\", "/")
  if config_dir.empty? || !::File.exist?(config_dir)
    File.join(ENV["HOME"], ".chef", "trusted_certs")
  else
    config_dir
  end
end

Modules

Classes

class Berkshelf::SSLPolicy

def add_trusted_cert(cert)

def initialize

def set_custom_certs

def trusted_certs_dir

Namespace

Instance Methods

Defined in