From c02dc34d582cdef5cd7e15013bd69fce060a5e1c Mon Sep 17 00:00:00 2001 From: Enrico Rubboli Date: Thu, 29 Jun 2017 15:07:33 +0200 Subject: [PATCH] add ecdh_curve option for EM connection --- examples/ssl/{127.0.0.1.bundle.crt => 127.0.0.1.chain.crt} | 0 examples/worker_ssl.rb | 1 + lib/grenache/http.rb | 2 ++ lib/grenache/http/version.rb | 2 +- 4 files changed, 4 insertions(+), 1 deletion(-) rename examples/ssl/{127.0.0.1.bundle.crt => 127.0.0.1.chain.crt} (100%) diff --git a/examples/ssl/127.0.0.1.bundle.crt b/examples/ssl/127.0.0.1.chain.crt similarity index 100% rename from examples/ssl/127.0.0.1.bundle.crt rename to examples/ssl/127.0.0.1.chain.crt diff --git a/examples/worker_ssl.rb b/examples/worker_ssl.rb index 7c8c780..d090f7c 100644 --- a/examples/worker_ssl.rb +++ b/examples/worker_ssl.rb @@ -8,6 +8,7 @@ c = Grenache::Http.new(grape_address: "http://127.0.0.1:40002/", key: File.expand_path('.') + "/ssl/127.0.0.1.key", cert_pem: File.expand_path('.') + "/ssl/127.0.0.1.chain.crt", + cert_ecdh_curve: 'secp384r1', ca: File.expand_path('.') + "/ssl/ca.crt", service_host: "localhost") diff --git a/lib/grenache/http.rb b/lib/grenache/http.rb index b97d06e..ec52547 100644 --- a/lib/grenache/http.rb +++ b/lib/grenache/http.rb @@ -36,8 +36,10 @@ def start_http_service(port, &block) server.ssl_options = { private_key_file: config.key, cert_chain_file: config.cert_pem, + ecdh_curve: config.cert_ecdh_curve, verify_peer: true } + server.backend.ca_cert = File.read config.ca end server.start diff --git a/lib/grenache/http/version.rb b/lib/grenache/http/version.rb index 5d196dd..f71c227 100644 --- a/lib/grenache/http/version.rb +++ b/lib/grenache/http/version.rb @@ -1,5 +1,5 @@ module Grenache module HTTP - VERSION = "0.2.12" + VERSION = "0.2.13" end end