Provide support to reset HTTPClient's CA store path to the system defaults
Opened this issue · 2 comments
I'm having trouble verifying my nexus server cert using the default HTTPClient CA certs (bundled with HTTPClient), however using the default system CA store it works just fine:
I suspect the bundle does not include on of the more recent (2009) root certs, the root cert for my certificate is:
Subject: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
which is a newer SHA2 certificate. This would be preferable to setting ssl_verify = false which is what I currently have to do.
Thanks!
ps. filing an issue with HTTPClient too to update their bundled certs if needed
I've been working with another engineer at Riot to help get him more familiar with software engineering - our goal has been to introduce the Faraday gem and remove HTTP. I suspect that might also have a side effect of fixing this issue.
Great, hope that helps, do you have a rough timeline?