WebDev
Reputation: 404
How to set Ruby SSL method
I am running Ruby 1.9.3, and trying to get either HTTPClient v 2.3.2 or OpenSSL::SSL::Socket to use a different https method than SSLv3 by default. Thanks to the POODLE vulnerability many of the APIs we connect to are refusing SSLv3 connections and I need to change to TLSv1 without patching multiple gems.
How would I go about setting a default SSL method?
Upvotes: 3
Views: 923
Answers (1)
Jeremy Lewis
Reputation: 1719
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:ssl_version] = :TLSv1
If you're running in a Rails context, you should put the above line of code into an initializer (/config/initializers/openssl.rb).
Upvotes: 5
Related Questions
- Ruby on Rails: ssl_required: how do I enable on the entire app?
- Force SSL for http requests in Rails
- How to add SSL to Rails App?
- How to configure private key for SSL client in Ruby on Rails application
- SSL configuration
- SSL with Ruby on Rails
- Making an API call over SSL in Ruby
- How do I tell my rails form to use https?
- no method on use_ssl = true
- Ruby on Rails and SSL error