RubyGems.org

Ruby’s net/http is setup to never verify SSL certificates by default. Most ruby libraries do the same. That means that you’re not verifying the identity of the server you’re communicating with and are therefore exposed to man in the middle attacks. This gem monkey-patches net/http to force certificate verification and make turning it off impossible.

installgem install always_verify_ssl_certificates
Authors

James Golick

9,630 total downloads 4,788 for this version
Owners

F6eddf2f983d23c2d031e407852625e9

Gemfile
gem 'always_verify_ssl_certificates', '~> 0.3.0'
Versions
  1. 0.3.0 March 17, 2011 (6.5 KB)
  2. 0.2.0 December 9, 2010 (6.5 KB)
  3. 0.1.0 December 7, 2010 (6.5 KB)