Multiple SSL certificates - certificate rotation #1190
Comments
I suppose you can try connecting with one certificate, and if you get an error, connect with the other.
Perhaps, the difficulty is that it wouldn't be supported by the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I would like some advice on how to handle SSL certificate rotation using the library. I would imagine there is a way to pass on to the SLL context multiple certificates (ie the current one and the one to be used), however I can't find anything like that in the documentation.
As per the documentation, the
ssl_paramsparams hash is passed on to theOpenSSL::SSL::SSLContext#set_params. In the example you use thecertkey to pass the client certificate. In turn, theSSLContextdocumentation mentions that the initialization params are used to invoke setter methods.Apart from only accepting a single certificate, the
SSLContext#cert=is deprecated in favor of the SSLContext#add_certificate method, which would (presumably) also allow me to solve my original problem.Questions:
Is there a way to perform certificate rotation currently with the gem?
Are there plans to support the
SSLContext#add_certificatemethod?The text was updated successfully, but these errors were encountered: