knqyf263 · August 29, 2015 14:24
diff --git a/client.rb b/client.rb
 require 'net/https'
 https = Net::HTTP.new('bad', 12345)
 https.use_ssl = true
 https.verify_mode = OpenSSL::SSL::VERIFY_PEER
 https.ca_file = 'certs/roots.pem'

 https.start { |h|
  response = h.get("/")
  puts response.body
 }
diff --git a/server.rb b/server.rb
 require 'socket'
 require 'openssl'

 port = 12345
 bad = 'certs/bad.pem'
 bad_key = 'certs/bad.key'
 interCA = 'certs/interCA.pem'
 subinterCA = 'certs/subinterCA.pem'
 leaf = 'certs/leaf.pem'

 ctx = OpenSSL::SSL::SSLContext.new
 ctx.cert, *ctx.extra_chain_cert = [bad, leaf, subinterCA, interCA].map{|cert| OpenSSL::X509::Certificate.new File.read(cert)}
 ctx.key = OpenSSL::PKey::RSA.new File.read(bad_key)

 server = TCPServer.new port
 sslServer = OpenSSL::SSL::SSLServer.new server, ctx

 while client = sslServer.accept
  client.puts "HTTP/1.1 200 OK\r\nContent-Length: 7\r\n\r\nSuccess"
 end
	require 'net/https'
	https = Net::HTTP.new('bad', 12345)
	https.use_ssl = true
	https.verify_mode = OpenSSL::SSL::VERIFY_PEER
	https.ca_file = 'certs/roots.pem'

	https.start { \|h\|
	response = h.get("/")
	puts response.body
	}
	require 'socket'
	require 'openssl'

	port = 12345
	bad = 'certs/bad.pem'
	bad_key = 'certs/bad.key'
	interCA = 'certs/interCA.pem'
	subinterCA = 'certs/subinterCA.pem'
	leaf = 'certs/leaf.pem'

	ctx = OpenSSL::SSL::SSLContext.new
	ctx.cert, *ctx.extra_chain_cert = [bad, leaf, subinterCA, interCA].map{\|cert\| OpenSSL::X509::Certificate.new File.read(cert)}
	ctx.key = OpenSSL::PKey::RSA.new File.read(bad_key)

	server = TCPServer.new port
	sslServer = OpenSSL::SSL::SSLServer.new server, ctx

	while client = sslServer.accept
	client.puts "HTTP/1.1 200 OK\r\nContent-Length: 7\r\n\r\nSuccess"
	end