Override TLS version **and** ciphers for HTTParty

`set_params` override everything with default parameters if not provided So if ciphers not specified, reset to the default hardcoded ones See https://github.com/ruby/ruby/blob/v2_3_0/ext/openssl/lib/openssl/ssl.rb#L124
2016-05-11 18:20:41 +02:00 · 2016-05-11 18:20:41 +02:00 · e46a1c14c5
parent c34802c7ec
commit e46a1c14c5
1 changed files with 2 additions and 1 deletions
--- a/lib/cryptcheck/tls/https/server.rb
+++ b/lib/cryptcheck/tls/https/server.rb
@ -20,7 +20,8 @@ module CryptCheck
 														   follow_redirects: false,
 														   verify:           false,
 														   timeout:          SSL_TIMEOUT,
-														   ssl_version:      self.supported_protocols.first
+														   ssl_version:      self.supported_protocols.first,
+														   ciphers:          'ALL:COMPLEMENTOFALL'
 												   }
 						if header = response.headers['strict-transport-security']
 							name, value = header.split '='