Skip to content

Latest commit

 

History

History
85 lines (59 loc) · 2.03 KB

README.md

File metadata and controls

85 lines (59 loc) · 2.03 KB

OpenSSL::Win::Root

Build status Gem Version

Fetch Root CA certificates from Windows system store.

Abstract

Default installation of Ruby on Microsoft Windows provides no root certificates at all. Secure connections are simply impossible.

Recommended fix is to load http://curl.haxx.se/ca/cacert.pem and set SSL_CERT_FILE environment variable.

But Windows has its own certificate store. This gem just access it, fetch trusted root certificates and feed them to Ruby's OpenSSL.

So, if you installed some certificates or your company certificate is installed by Group Policy, these certificates will be available to your Ruby program. In addition, no network access is required.

Under other OSes this gem does nothing.

Installation

Add this line to your application's Gemfile:

  gem 'openssl-win-root' if Gem.win_platform?

And then execute:

  $ bundle

Or install it yourself as:

  $ gem install openssl-win-root

Usage

Just require 'openssl/win/root'

If your project uses Bundler.require (eg. Ruby on Rails) then just do nothing!

To test whether SSL works (or not):

require 'net/http'
Net::HTTP.get(URI 'https://ya.ru').length

You can use fetched certificates in non-Ruby projects by setting environment variable SSL_CERT_DIR to result of OpenSSL::Win::Root.path or via -CApath argument of openssl command.

See also

Credits