Module: TingYun::TingYunService::Ssl

Included in:

Http

Defined in:

lib/ting_yun/ting_yun_service/ssl.rb

Instance Method Summary

• #cert_file_path ⇒ Object
• #setup_connection_for_ssl(conn) ⇒ Object
• #ssl_cert_store ⇒ Object

Instance Method Details

#cert_file_path ⇒ Object

# File 'lib/ting_yun/ting_yun_service/ssl.rb', line 34

def cert_file_path
  if path_override = TingYun::Agent.config[:ca_bundle_path]
    TingYun::Agent.logger.warn("Couldn't find CA bundle from configured ca_bundle_path: #{path_override}") unless File.exist? path_override
    path_override
  else
    File.expand_path(File.join(TingYun::Support::Path.ting_yun_root, 'cert', 'cacert.pem'))
  end
end

#setup_connection_for_ssl(conn) ⇒ Object

# File 'lib/ting_yun/ting_yun_service/ssl.rb', line 10

def setup_connection_for_ssl(conn)
  # Jruby 1.6.8 requires a gem for full ssl support and will throw
  # an error when use_ssl=(true) is called and jruby-openssl isn't
  # installed
  conn.use_ssl     = true
  conn.verify_mode = OpenSSL::SSL::VERIFY_PEER
  conn.cert_store  = ssl_cert_store
rescue StandardError, LoadError
  msg = "Agent is configured to use SSL, but SSL is not available in the environment. "
  msg << "Either disable SSL in the agent configuration, or install SSL support."
  raise TingYun::Support::Exception::UnrecoverableAgentException.new(msg)
end

#ssl_cert_store ⇒ Object

# File 'lib/ting_yun/ting_yun_service/ssl.rb', line 23

def ssl_cert_store
  path = cert_file_path
  if !@ssl_cert_store || path != @cached_cert_store_path
    TingYun::Agent.logger.debug("Creating SSL certificate store from file at #{path}")
    @ssl_cert_store = OpenSSL::X509::Store.new
    @ssl_cert_store.add_file(path)
    @cached_cert_store_path = path
  end
  @ssl_cert_store
end