Make httpclient respect system SSL configurationsh-fix-httpclient-ssl

By default, httpclient (and hence anything that uses rack-oauth2) ignores the system-wide SSL certificate configuration in favor of its own `cacert.pem`. This makes it impossible to use custom certificates without patching that file. Until https://github.com/nahi/httpclient/pull/386 is merged, we work around this limitation by forcing the `HTTPClient` SSL store to use the default system configuration. Closes https://gitlab.com/charts/gitlab/issues/1436
author: Stan Hu <stanhu@gmail.com> 2019-07-15 09:28:56 -0700
committer: Stan Hu <stanhu@gmail.com> 2019-07-15 10:07:10 -0700
commit: a6c0f95705fe790775deb86772173a897322bdc1 (patch)
tree: 5d34732aa754882d767f8df53c69928c1238cc22 /changelogs
parent: 96277bb9d61b5aaf5c2edc388c5eabfc743478f0 (diff)
download: gitlab-ce-a6c0f95705fe790775deb86772173a897322bdc1.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/sh-fix-httpclient-ssl.yml b/changelogs/unreleased/sh-fix-httpclient-ssl.yml
new file mode 100644
index 00000000000..fda4e2e7084
--- /dev/null
+++ b/changelogs/unreleased/sh-fix-httpclient-ssl.yml
@@ -0,0 +1,5 @@
+---
+title: Make httpclient respect system SSL configuration
+merge_request: 30749
+author:
+type: fixed
author	Stan Hu <stanhu@gmail.com>	2019-07-15 09:28:56 -0700
committer	Stan Hu <stanhu@gmail.com>	2019-07-15 10:07:10 -0700
commit	a6c0f95705fe790775deb86772173a897322bdc1 (patch)
tree	5d34732aa754882d767f8df53c69928c1238cc22 /changelogs
parent	96277bb9d61b5aaf5c2edc388c5eabfc743478f0 (diff)
download	gitlab-ce-a6c0f95705fe790775deb86772173a897322bdc1.tar.gz