mirror of
https://github.com/puma/puma.git
synced 2022-11-09 13:48:40 -05:00
e8d25b30f3
Add Client Side Certificate Auth feature and handling to puma's MiniSSL. Also exposes SSL errors to puma/apps. compatibility notes: MRI only shell example: puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&ca=path_to_ca&verify_mode=force_peer' code example: (examples/client_side_ssl) app = proc {|env| p env['puma.peercert']; [200, {}, ["hey"]] } events = SSLEvents.new($stdout, $stderr) server = Puma::Server.new(app, events) admin_context = Puma::MiniSSL::Context.new admin_context.key = KEY_PATH admin_context.cert = CERT_PATH admin_context.ca = CA_CERT_PATH admin_context.verify_mode = Puma::MiniSSL::VERIFY_PEER | Puma::MiniSSL::VERIFY_FAIL_IF_NO_PEER_CERT server.add_ssl_listener("0.0.0.0", ADMIN_PORT, admin_context) server.min_threads = MIN_THREADS server.max_threads = MAX_THREADS server.persistent_timeout = IDLE_TIMEOUT server.run.join additional credits: Andy Alness <andy.alness@gmail.com> |
||
---|---|---|
.. | ||
puma | ||
rack/handler | ||
puma.rb |