class SSLCheck::Validators::CABundle
Public Instance Methods
validate()
click to toggle source
# File lib/sslcheck/validators/ca_bundle.rb, line 4 def validate return nil if verified_certificate? SSLCheck::Errors::Validation::CABundleVerification.new({:name => "Certificate Authority Verification", :message => "The Certificate could not be verified using the supplied Certificate Authority (CA) Bundle."}) end
Private Instance Methods
verified_certificate?()
click to toggle source
# File lib/sslcheck/validators/ca_bundle.rb, line 10 def verified_certificate? return false if @ca_bundle.empty? store = OpenSSL::X509::Store.new store.set_default_paths begin store.add_file File.join(SSL_CHECK_ROOT_DIR,'ca-bundle', 'ca-bundle.crt') rescue OpenSSL::X509::StoreError # If the certificate is already present, # we don't really care end @ca_bundle.each do |ca_cert| begin store.add_cert ca_cert.to_x509 rescue OpenSSL::X509::StoreError end end store.verify(@peer_cert.to_x509) end