Open ColonelPanicks opened 5 years ago
SSL doesn't work unless the client is set to ignore it or is explicitly given the CA authority file which seems very unnecessary.
Detailed explanation - https://alces.slack.com/files/T025J03QZ/FNHCK0S9J?origin_team=T025J03QZ
According to @mjtko this problem can be fixed by splitting out the server-side certificate and adding an additional config filed to the config.ru file:
config.ru
ssl_options = if Cloudware::Config.ssl_private_key? && Cloudware::Config.ssl_certificate? base_options.merge( SSLCertificate: OpenSSL::X509::Certificate.new(Cloudware::Config.read_ssl_certificate), SSLPrivateKey: OpenSSL::PKey::RSA.new(Cloudware::Config.read_ssl_private_key), SSLExtraChainCert: [OpenSSL::X509::Certificate.new(File.read('etc/ssl.ca.crt'))], )
Discussion regarding solution - https://alces.slack.com/archives/C82EXS7J4/p1568893506020100
SSL doesn't work unless the client is set to ignore it or is explicitly given the CA authority file which seems very unnecessary.
Detailed explanation - https://alces.slack.com/files/T025J03QZ/FNHCK0S9J?origin_team=T025J03QZ
According to @mjtko this problem can be fixed by splitting out the server-side certificate and adding an additional config filed to the
config.ru
file:Discussion regarding solution - https://alces.slack.com/archives/C82EXS7J4/p1568893506020100