class OpenSSL::SSL::SSLContext
def max_version=(version)
Sets the upper bound of the supported SSL/TLS protocol version. See
ctx.max_version = nil
ctx.max_version = :TLS1_2
ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
call-seq:
def max_version=(version) set_minmax_proto_version(@min_proto_version ||= nil, version) @max_proto_version = version end
def min_version=(version)
sock = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx)
ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
ctx.min_version = OpenSSL::SSL::TLS1_1_VERSION
ctx = OpenSSL::SSL::SSLContext.new
=== Example
#max_version=.
options by #options= once you have called #min_version= or
Be careful that you don't overwrite OpenSSL::SSL::OP_NO_{SSL,TLS}v*
OpenSSL::SSL::*_VERSION, a Symbol, or +nil+ which means "any version".
version may be specified by an integer constant named
Sets the lower bound on the supported SSL/TLS protocol version. The
ctx.min_version = nil
ctx.min_version = :TLS1_2
ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
call-seq:
def min_version=(version) set_minmax_proto_version(version, @max_proto_version ||= nil) @min_proto_version = version end
def set_params(params={})
cert_store are not set then the system default certificate store is
If the verify_mode is not VERIFY_NONE and ca_file, ca_path and
The keys in _params_ must be assignment methods on SSLContext.
If a Hash _params_ is given, the parameters are overridden with it.
Sets saner defaults optimized for the use with HTTP-like protocols.
ctx.set_params(params = {}) -> params
call-seq:
#
def set_params(params={}) params = DEFAULT_PARAMS.merge(params) self.options = params.delete(:options) # set before min_version/max_version params.each{|name, value| self.__send__("#{name}=", value) } if self.verify_mode != OpenSSL::SSL::VERIFY_NONE unless self.ca_file or self.ca_path or self.cert_store self.cert_store = DEFAULT_CERT_STORE end end return params end