mirror of
https://github.com/puma/puma.git
synced 2022-11-09 13:48:40 -05:00
e8d25b30f3
Add Client Side Certificate Auth feature and handling to puma's MiniSSL. Also exposes SSL errors to puma/apps.
compatibility notes: MRI only
shell example:
puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&ca=path_to_ca&verify_mode=force_peer'
code example: (examples/client_side_ssl)
app = proc {|env| p env['puma.peercert']; [200, {}, ["hey"]] }
events = SSLEvents.new($stdout, $stderr)
server = Puma::Server.new(app, events)
admin_context = Puma::MiniSSL::Context.new
admin_context.key = KEY_PATH
admin_context.cert = CERT_PATH
admin_context.ca = CA_CERT_PATH
admin_context.verify_mode = Puma::MiniSSL::VERIFY_PEER | Puma::MiniSSL::VERIFY_FAIL_IF_NO_PEER_CERT
server.add_ssl_listener("0.0.0.0", ADMIN_PORT, admin_context)
server.min_threads = MIN_THREADS
server.max_threads = MAX_THREADS
server.persistent_timeout = IDLE_TIMEOUT
server.run.join
additional credits: Andy Alness <andy.alness@gmail.com>
|
||
|---|---|---|
| .. | ||
| org/jruby/puma | ||
| ext_help.h | ||
| extconf.rb | ||
| http11_parser.c | ||
| http11_parser.h | ||
| http11_parser.java.rl | ||
| http11_parser.rl | ||
| http11_parser_common.rl | ||
| io_buffer.c | ||
| mini_ssl.c | ||
| puma_http11.c | ||
| PumaHttp11Service.java | ||