Sends “close notify” to the peer and tries to shut down the SSL connection gracefully.
If sync_close is set to true, the underlying IO is also closed.
The X509 certificate for this socket endpoint.
Returns the cipher suite actually used in the current session, or nil if no session has been established.
See IO#close for details.
Performs the certificate verification using the parameters set to stctx.
See also the man page X509_verify_cert(3).
Returns the error code of stctx. This is typically called after verify is done, or from the verification callback set to OpenSSL::X509::Store#verify_callback=.
See also the man page X509_STORE_CTX_get_error(3).
Sets the error code of stctx. This is used by the verification callback set to OpenSSL::X509::Store#verify_callback=.
See also the man page X509_STORE_CTX_set_error(3).
Read the chained certificates from the given input. Supports both PEM and DER encoded certificates.
PEM is a text format and supports more than one certificate.
DER is a binary format and only supports one certificate.
If the file is empty, or contains only unrelated data, an OpenSSL::X509::CertificateError exception will be raised.
Verifies the signature of the certificate, with the public key key. key must be an instance of OpenSSL::PKey.
Checks that cert signature is made with PRIVversion of this PUBLIC ‘key’