If you need your own ciphers list, this is how. Stomp's default list will work in many cases. If you need to use this, you will know it because SSL connect will fail. In that case, determining what should be in the list is your responsibility.
Run example.
# File examples/ssl_uc4_ciphers.rb, line 20 def run ciphers_list = [["DHE-RSA-AES256-SHA", "TLSv1/SSLv3", 256, 256], ["DHE-DSS-AES256-SHA", "TLSv1/SSLv3", 256, 256], ["AES256-SHA", "TLSv1/SSLv3", 256, 256], ["EDH-RSA-DES-CBC3-SHA", "TLSv1/SSLv3", 168, 168], ["EDH-DSS-DES-CBC3-SHA", "TLSv1/SSLv3", 168, 168], ["DES-CBC3-SHA", "TLSv1/SSLv3", 168, 168], ["DHE-RSA-AES128-SHA", "TLSv1/SSLv3", 128, 128], ["DHE-DSS-AES128-SHA", "TLSv1/SSLv3", 128, 128], ["AES128-SHA", "TLSv1/SSLv3", 128, 128], ["RC4-SHA", "TLSv1/SSLv3", 128, 128], ["RC4-MD5", "TLSv1/SSLv3", 128, 128], ["EDH-RSA-DES-CBC-SHA", "TLSv1/SSLv3", 56, 56], ["EDH-DSS-DES-CBC-SHA", "TLSv1/SSLv3", 56, 56], ["DES-CBC-SHA", "TLSv1/SSLv3", 56, 56], ["EXP-EDH-RSA-DES-CBC-SHA", "TLSv1/SSLv3", 40, 56], ["EXP-EDH-DSS-DES-CBC-SHA", "TLSv1/SSLv3", 40, 56], ["EXP-DES-CBC-SHA", "TLSv1/SSLv3", 40, 56], ["EXP-RC2-CBC-MD5", "TLSv1/SSLv3", 40, 128], ["EXP-RC4-MD5", "TLSv1/SSLv3", 40, 128]] # # SSL Use Case 4 # # Change the following: # * location of the client's private key # * location of the client's signed certificate # * location of the server's CA signed certificate ssl_opts = Stomp::SSLParams.new( :key_file => "/home/gmallard/sslwork/2013/client.key", # The client's private key :cert_file => "/home/gmallard/sslwork/2013/client.crt", # The client's signed certificate :ts_files => "/home/gmallard/sslwork/2013/TestCA.crt", # The CA's signed sertificate :fsck => true, # Check that files exist first :ciphers => ciphers_list ) # hash = { :hosts => [ {:login => 'guest', :passcode => 'guest', :host => 'localhost', :port => 61612, :ssl => ssl_opts}, ], :reliable => false, # YMMV, to test this in a sane manner } # puts "Connect starts, SSL Use Case 4" c = Stomp::Connection.new(hash) puts "Connect completed" puts "SSL Verify Result: #{ssl_opts.verify_result}" # puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}" c.disconnect end
Generated with the Darkfish Rdoc Generator 2.