class DRb::DRbSSLSocket::SSLConfig

def initialize(config)

c.setup_certificate
})
:SSLCertName => [["CN" => DRb::DRbSSLSocket.getservername]]
c = DRb::DRbSSLSocket::SSLConfig.new({
require 'drb/ssl'

or

c.setup_certificate
c[:SSLCACertificatePath] = "/etc/ssl/certs/"
c[:SSLVerifyMode] = OpenSSL::SSL::VERIFY_PEER
c[:SSLPrivateKey] = OpenSSL::PKey::RSA.new(File.read('mycert.key'))
OpenSSL::X509::Certificate.new(File.read('mycert.crt'))
c[:SSLCertificate] =
c = DRb::DRbSSLSocket::SSLConfig.new {}
require 'drb/ssl'

These values can be added after the fact, like a Hash.

=== Example

"Generated by Ruby/OpenSSL"
A comment to be used for generating the certificate. The default is
:SSLCertComment ::

See also OpenSSL::X509::Name

["CN","fqdn.example.com"]]
[["C", "Raleigh"], ["ST","North Carolina"],

given). The value of this is to be an Array of pairs:
the certificate (if :SSLCertificate and :SSLPrivateKey were not
Issuer name for the certificate. This is required when generating
:SSLCertName ::

A OpenSSL::X509::Store used for verification of certificates
:SSLCertificateStore ::

OpenSSL::SSL::SSLContext.verify_callback
A callback to be used for additional verification. See
:SSLVerifyCallback ::

chain.
Number of CA certificates to walk, when verifying a certificate
:SSLVerifyDepth ::

available modes. The default is OpenSSL::SSL::VERIFY_NONE
This is the SSL verification mode. See OpenSSL::SSL::VERIFY_* for
:SSLVerifyMode ::

OpenSSL::SSL::SSLContext#max_version=.
This is the maximum SSL version to allow. See
:SSLMaxVersion ::

OpenSSL::SSL::SSLContext#min_version=.
This is the minimum SSL version to allow. See
:SSLMinVersion ::

A DH callback. See OpenSSL::SSL::SSLContext.tmp_dh_callback
:SSLTmpDhCallback ::

A path to a CA certificate file, in PEM format.
:SSLCACertificateFile ::

be in PEM format.
A path to the directory of CA certificates. The certificates must
:SSLCACertificatePath ::

used as ClientCAs in the SSL Context
An OpenSSL::X509::Certificate, or Array of certificates that will
:SSLClientCA ::

the key that signed the :SSLCertificate
A private key instance, like OpenSSL::PKey::RSA. This key must be
:SSLPrivateKey ::

then a generic X509 is generated, with a correspond :SSLPrivateKey
An instance of OpenSSL::X509::Certificate. If this is not provided,
:SSLCertificate ::

From +config+ Hash:

=== Config options

minimum is to provide the :SSLCertName
configuration. If want it to generate a generic certificate, the bare
of SSLConfig, and will setup the certificate for its session for the
The DRb::DRbSSLSocket will take either a +config+ Hash or an instance

Create a new DRb::DRbSSLSocket::SSLConfig instance

def initialize(config)
  @config  = config
  @cert    = config[:SSLCertificate]
  @pkey    = config[:SSLPrivateKey]
  @ssl_ctx = nil
end

Modules

Classes

class DRb::DRbSSLSocket::SSLConfig

def initialize(config)

Instance Methods