ActionMailer: Using multiple self-signed certificates

Question

I found this question about how to use a self-signed certificate with ActionMailer on stackoverflow. According to an answer, it can be done with the code below.

config.action_mailer.smtp_setting = {
    ...
    ssl: true
    enable_starttls_auto: false,
    openssl_verify_mode: OpenSSL::SSL::VERIFY_PEER,
    ca_file: "/etc/ssl/certs/ca-certificates.crt",
    ...
} 

As you can see, a ca_file can be specified with this line ca_file: "/etc/ssl/certs/ca-certificates.crt".

Though the answer is really concise and helped me figure out how to send emails with a self-signed certificate using ActionMailer, it still left me the two following questions.

1) Is it possible to set more than one ,in my case three, different self-signed certificates? If the answer is yes, how?

2) Is it possible to use a .der file as a self-signed certificate instead of a .crt file? or Should I always convert a .der file into a .crt file when I use it as a self-signed certificate?

I couldn't find much information regarding this matter, I would appreciate any help!!

Answer 1

1) Is it possible to set more than one ,in my case three, different self-signed certificates? If the answer is yes, how?

The ca_file can contain multiple CA certificates in PEM format. Just put them one after each other into the file, i.e. cat cert1.pem cert2.pem > ca.pem. Make sure that each of the input files has a line end at the end though.

2) Is it possible to use a .der file as a self-signed certificate instead of a .crt file? or Should I always convert a .der file into a .crt file when I use it as a self-signed certificate?

DER and PEM are both essentially the same data only with a different encoding (binary vs. base64 with some ASCII envelope) and it is easy to convert one into the other. ca_file expects a list of PEM, not DER.