Reputation: 798
Is an OpenSSL::SSL::SSLSocket TLS?
In Ruby, is an OpenSSL::SSL::SSLSocket an implementation of RFC 2246?
Upvotes: 1
Views: 1294
Answers (2)
Reputation: 39660
Yes, Ruby's SSL implementation does support TSL v1.0 and higher by utilizing the OpenSSL library that is installed on your system. By default, the behavior will be lenient, and Ruby will choose the "best" protocol being supported by the peer, but if you want finer-grained control and enforce an actual protocol, you may do this by setting appropriate values with OpenSSL::SSL::SSLContext#ssl_version=.
That said, the newest versions of TLS, 1.1 and 1.2, will only be supported if you have one of the recent OpenSSL versions installed on your system. It is highly recommended to continuously upgrade, only the newest versions receive all the security-related bug fixes!
Upvotes: 1
Reputation: 55888
Yes, it provides a SSL/TLS client or server socket. With the cipher list on the OpenSSL Context object you can pass to the initializer, you can control which protocol exactly is spoken by that socket.
The OpenSSL classes of ruby are a rather thin wrapper around the base OpenSSL API. So you might want to read its cipher documentation too.
Upvotes: 2
Related Questions
- Why is Ruby unable to verify an SSL certificate?
- How to set TLS context options in Ruby (like OpenSSL::SSL::SSL_OP_NO_SSLv2)
- Ruby openssl SSLContext cipher
- Ruby TCP server with OpenSSL and Letsencrypt certificate
- Is it possible to enable TLS v1.2 in Ruby? If so, how?
- SSL Client in ruby
- Ruby Net::HTTPS SSL handshake error
- Add SSL to a connection
- Ruby: Alternative to openssl for HTTPS and SSL communications
- What's the Ruby OpenSSL library equivalent of this command?