gitlab-org--gitlab-foss/config/initializers/httpclient_patch.rb
Stan Hu a6c0f95705 Make httpclient respect system SSL configuration
By default, httpclient (and hence anything that uses rack-oauth2)
ignores the system-wide SSL certificate configuration in favor of its
own `cacert.pem`. This makes it impossible to use custom certificates
without patching that file. Until
https://github.com/nahi/httpclient/pull/386 is merged, we work around
this limitation by forcing the `HTTPClient` SSL store to use the default
system configuration.

Closes https://gitlab.com/charts/gitlab/issues/1436
2019-07-15 10:07:10 -07:00

18 lines
620 B
Ruby

# frozen_string_literal: true
# By default, httpclient (and hence anything that uses rack-oauth2)
# ignores the system-wide SSL certificate configuration in favor of its
# own cacert.pem. This makes it impossible to use custom certificates
# without patching that file. Until
# https://github.com/nahi/httpclient/pull/386 is merged, we work around
# this limitation by forcing the HTTPClient SSL store to use the default
# system configuration.
module HTTPClient::SSLConfigDefaultPaths
def initialize(client)
super
set_default_paths
end
end
HTTPClient::SSLConfig.prepend HTTPClient::SSLConfigDefaultPaths