Merge branch 'sh-fix-httpclient-ssl' into 'master'

Make httpclient respect system SSL configuration

Closes charts/gitlab#1436

See merge request gitlab-org/gitlab-ce!30749
This commit is contained in:
Mayra Cabrera 2019-07-15 21:16:00 +00:00
commit b46cf4290b
2 changed files with 23 additions and 0 deletions

View file

@ -0,0 +1,5 @@
---
title: Make httpclient respect system SSL configuration
merge_request: 30749
author:
type: fixed

View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
# By default, httpclient (and hence anything that uses rack-oauth2)
# ignores the system-wide SSL certificate configuration in favor of its
# own cacert.pem. This makes it impossible to use custom certificates
# without patching that file. Until
# https://github.com/nahi/httpclient/pull/386 is merged, we work around
# this limitation by forcing the HTTPClient SSL store to use the default
# system configuration.
module HTTPClient::SSLConfigDefaultPaths
def initialize(client)
super
set_default_paths
end
end
HTTPClient::SSLConfig.prepend HTTPClient::SSLConfigDefaultPaths