Merge pull request #200 from Umofomia/ruby-1.8-ssl-cert-store

pitbulk · pitbulk · commit 9d0323b35d2c · 2015-03-13T04:08:52.000+01:00
Set default SSL certificate store in Ruby 1.8.
diff --git a/lib/onelogin/ruby-saml/idp_metadata_parser.rb b/lib/onelogin/ruby-saml/idp_metadata_parser.rb
@@ -47,6 +47,12 @@ def get_idp_metadata(url, validate_cert)
           # Most IdPs will probably use self signed certs
           if validate_cert
             http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+
+            # Net::HTTP in Ruby 1.8 did not set the default certificate store
+            # automatically when VERIFY_PEER was specified.
+            if RUBY_VERSION < '1.9' && !http.ca_file && !http.ca_path && !http.cert_store
+              http.cert_store = OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE
+            end
           else
             http.verify_mode = OpenSSL::SSL::VERIFY_NONE
           end
