Method: EventMachine::Connection#ssl_verify_peer

Defined in:
lib/em/connection.rb

#ssl_verify_peer(cert) ⇒ Object

Called by EventMachine when :verify_peer => true has been passed to #start_tls. It will be called with each certificate in the certificate chain provided by the remote peer.

The cert is passed as a String in PEM format, the same as in #get_peer_cert. It is up to user-defined code to perform a check on the certificates. The return value from this callback is used to accept or deny the peer: any return value other than nil or false accepts it. If the peer is not accepted, the connection is subsequently closed. Because the default implementation has an empty body and therefore returns nil, a connection that does not override this method accepts no peer.

Examples:

This server always accepts all peers


module AcceptServer
  def post_init
    start_tls(:verify_peer => true)
  end

  def ssl_verify_peer(cert)
    true
  end

  def ssl_handshake_completed
    $server_handshake_completed = true
  end
end

This server never accepts any peers


module DenyServer
  def post_init
    start_tls(:verify_peer => true)
  end

  def ssl_verify_peer(cert)
    # Do not accept the peer. This should now cause the connection to shut down
    # without the SSL handshake being completed.
    false
  end

  def ssl_handshake_completed
    $server_handshake_completed = true
  end
end
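
A callback that actually checks each certificate against a trust store, as an added example that is not EventMachine's own code. It assumes certificates are delivered issuer-first; `ChainVerifyingPeer`, `trust_store`, `make_cert` and `verify_chain` are hypothetical names, and the sample certificates are constructed at run time. It checks chain trust only, not the peer's identity.

```ruby
require "openssl"

# Hypothetical mixin, not part of EventMachine. Include it in a connection
# module that calls start_tls(:verify_peer => true).
module ChainVerifyingPeer
  attr_writer :trust_store # OpenSSL::X509::Store holding the trusted CAs

  def trust_store
    @trust_store ||= OpenSSL::X509::Store.new.tap(&:set_default_paths)
  end

  # Assumption: certificates arrive issuer-first, so the ones already seen
  # can serve as untrusted intermediates for the current one.
  def ssl_verify_peer(pem)
    cert = OpenSSL::X509::Certificate.new(pem)
    (@seen ||= []) << cert
    trust_store.verify(cert, @seen) # false => the peer is denied
  rescue OpenSSL::OpenSSLError
    false # unparsable input is never accepted
  end
end

# Constructed sample data: a throwaway certificate, self-signed without issuer.
def make_cert(name, issuer: nil, issuer_key: nil, ca: false)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = rand(1..2**32)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{name}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(issuer || cert, cert)
  cert.add_extension(ef.create_extension("basicConstraints", ca ? "CA:TRUE" : "CA:FALSE", true))
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# Feeds PEM strings through the callback one by one, stopping at the first denial.
def verify_chain(trusted_ca, pems)
  conn = Object.new.extend(ChainVerifyingPeer)
  conn.trust_store = OpenSSL::X509::Store.new.tap { |s| s.add_cert(trusted_ca) }
  pems.all? { |pem| conn.ssl_verify_peer(pem) }
end
```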

# File 'lib/em/connection.rb', line 170

def ssl_verify_peer(cert)
end