From: "hoshinotsuyoshi (tsuyoshi hoshino)" <noreply@...>
Date: 2021-12-19T11:58:52+00:00
Subject: [ruby-core:106733] [Ruby master Feature#18418] Add Net::HTTP#security_level=

Issue #18418 has been reported by hoshinotsuyoshi (tsuyoshi hoshino).

----------------------------------------
Feature #18418: Add Net::HTTP#security_level=
https://bugs.ruby-lang.org/issues/18418

* Author: hoshinotsuyoshi (tsuyoshi hoshino)
* Status: Open
* Priority: Normal
----------------------------------------
### Use Case:

I want to connect to an HTTP(S) server (using `Net::HTTP`) that cannot connect with security level[^1] 2 and needs to specify security level 1.
My server is a newer debian (docker image `ruby:3.0.3`, based on debian bullseye) and I need to change the configuration in `/etc/ssl/openssl.cnf` to do the above.
And I really don't want to do that, because it affects other SSL communication between my server and other servers.

---

So it would be nice if there is a `Net::HTTP#security_level=` that can change the `OpenSSL::SSL::SSLContext` instance, just like we already have `Net::HTTP#max_version=`.

Note that similar information has been posted[^2] to the mailing list in the past.

[^1]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html
[^2]: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-list/50825


---Files--------------------------------
http_security_level.patch (817 Bytes)


-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>