Hi, I'm playing with Ruby OpenSSL in order to validate certificates.
I've started with a code very similar to the present in
https://github.com/negativecode/vines/blob/master/lib/vines/store.rb.

Basically I get the list of CA Root Certificates from Mozilla:
  http://curl.haxx.se/ca/cacert.pem

I add all the certificates present in that file to a
OpenSSL::X509::Store instance.
Then I try to validate the certificate of www.github.com (which of
course is valid). But always get "invalid"

I would appreciate if somebody could check the code and explain me why
it does not work at all. To test it:

- Get this tar.gz:  http://public.aliax.net/ruby-ssl.tar.gz

- Decompress it. You will get:
  - cacert.pem (CA Root Certificates from Mozilla)
  - github.crt (Github valid certificate)
  - check-cert.rb (the script)

- Run:  ./check-cert.rb github.crt

As you can see it fails to validate the certificate from Github. Could
somebody help me please?
Thanks a lot.



-- 
Iaki Baz Castillo
<ibc / aliax.net>