@@ -18,5 +18,40 @@ To install the mongo gem manually:
1818
1919.. code-block:: sh
2020
21- gem install mongo -v 2.5.0
21+ gem install mongo -v 2.5.1
2222
23+ TLS/SSL and the Ruby driver
24+ ---------------------------
25+
26+ Industry best practices, and some regulations, require the use of TLS 1.1 or newer. Though no application changes are
27+ required for the Ruby driver to make use of the newest protocols, some operating systems or versions may not provide
28+ an OpenSSL version new enough to support them.
29+
30+ Users of macOS older than 10.13 (High Sierra) will need to install Ruby from `rvm`_, `homebrew`_, `macports`_, or
31+ another similar source. See `installation information on ruby-lang.org`_ for more options.
32+
33+ Users of Linux or other non-macOS Unix can check their OpenSSL version like this:
34+
35+ .. code-block:: sh
36+
37+ $ openssl version
38+
39+ If the version number is less than 1.0.1 support for TLS 1.1 or newer is not available. Contact your operating system
40+ vendor for a solution or upgrade to a newer distribution.
41+
42+ You can check your Ruby interpreter by executing the following command:
43+
44+ .. code-block:: sh
45+
46+ ruby -e "require 'net/http'; require 'json'; puts JSON.parse(Net::HTTP.get(URI('https://www.howsmyssl.com/a/check')))['tls_version']"
47+
48+ You should see "TLS 1.X" where X is >= 1.
49+
50+ You can read more about TLS versions and their security implications here:
51+
52+ `<https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet#Rule_-_Only_Support_Strong_Protocols>`_
53+
54+ .. _rvm: https://rvm.io/
55+ .. _homebrew: https://brew.sh/
56+ .. _macports: https://www.macports.org/
57+ .. _installation information on ruby-lang.org: https://www.ruby-lang.org/en/documentation/installation
0 commit comments