ssl-test 1.5.0 → 2.0.0

data/spec/ssl-test_spec.rb

@@ -2,13 +2,24 @@ require "ssl-test"
 require "benchmark"
 require 'webrick'
 require 'webrick/httpproxy'
+require 'rspec/retry'
 
 # Uncomment for debug logging:
 # require "logger"
 # SSLTest.logger = Logger.new(STDOUT)
 
+RSpec.configure do |config|
+  # The error/revocation examples below hit several public TLS test endpoints
+  # (badssl.com, testserver.host, ssl.com) which intermittently reset connections
+  # under load. They're spread across a few providers to avoid hammering a single
+  # one, and examples tagged `:retry` are re-run a few times (via rspec-retry) so
+  # transient network blips don't fail the suite.
+  config.verbose_retry = true
+  config.default_sleep_interval = 1
+end
+
 describe SSLTest do
-  before { SSLTest.flush_cache }
+  before { SSLTest.cache.clear }
 
   let(:proxy_thread) { nil }
 
@@ -48,36 +59,36 @@ describe SSLTest do
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
-    it "returns error on self signed certificate" do
-      valid, error, cert = SSLTest.test("https://self-signed.badssl.com/")
+    it "returns error on self signed certificate", :retry => 5 do
+      valid, error, cert = SSLTest.test("https://self-signed.testserver.host/")
       expect(error).to eq ("error code 18: self-signed certificate")
       expect(valid).to eq(false)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
-    it "returns error on incomplete chain" do
+    it "returns error on incomplete chain", :retry => 5 do
       valid, error, cert = SSLTest.test("https://incomplete-chain.badssl.com/")
       expect(error).to eq ("error code 20: unable to get local issuer certificate")
       expect(valid).to eq(false)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
-    it "returns error on untrusted root" do
-      valid, error, cert = SSLTest.test("https://untrusted-root.badssl.com/")
+    it "returns error on untrusted root", :retry => 5 do
+      valid, error, cert = SSLTest.test("https://untrusted-root.testserver.host/")
       expect(error).to eq ("error code 19: self-signed certificate in certificate chain")
       expect(valid).to eq(false)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
-    it "returns error on invalid host" do
+    it "returns error on invalid host", :retry => 5 do
       valid, error, cert = SSLTest.test("https://wrong.host.badssl.com/")
       expect(error).to include('error code 62: hostname mismatch')
       expect(valid).to eq(false)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
-    it "returns error on expired cert" do
-      valid, error, cert = SSLTest.test("https://expired.badssl.com/")
+    it "returns error on expired cert", :retry => 5 do
+      valid, error, cert = SSLTest.test("https://expired-rsa-dv.ssl.com/")
       expect(error).to eq ("error code 10: certificate has expired")
       expect(valid).to eq(false)
       expect(cert).to be_a OpenSSL::X509::Certificate
@@ -86,7 +97,7 @@ describe SSLTest do
     it "returns undetermined state on unhandled error" do
       valid, error, cert = SSLTest.test("https://pijoinlrfgind.com")
       expect(error).to include("SSL certificate test failed: Failed to open TCP connection to pijoinlrfgind.com:443")
-      expect(error).to include(/name.*not known/i)
+      expect(error).to match(/name.*not known/i)
       expect(valid).to be_nil
       expect(cert).to be_nil
     end
@@ -94,13 +105,13 @@ describe SSLTest do
     it "stops on timeouts" do
       valid, error, cert = SSLTest.test("https://updown.io", open_timeout: 0)
       expect(error).to include("SSL certificate test failed")
-      expect(error).to include(/timeout/i)
+      expect(error).to match(/timeout/i)
       expect(valid).to be_nil
       expect(cert).to be_nil
     end
 
     it "reports revocation exceptions" do
-      expect(SSLTest).to receive(:follow_ocsp_redirects).and_raise(ArgumentError.new("test"))
+      expect(SSLTest).to receive(:follow_crl_redirects).and_raise(ArgumentError.new("test"))
       valid, error, cert = SSLTest.test("https://digicert.com")
       expect(error).to eq ("SSL certificate test failed: test")
       expect(valid).to be_nil
@@ -108,45 +119,48 @@ describe SSLTest do
     end
 
     it "returns error on revoked cert (OCSP)" do
+      # CRL is tried first; disable it so OCSP performs the revocation check
+      expect(SSLTest).to receive(:test_crl_revocation).once.and_return([false, "skip CRL", nil])
       expect(SSLTest).to receive(:follow_ocsp_redirects).once.and_call_original
-      expect(SSLTest).not_to receive(:follow_crl_redirects)
       valid, error, cert = SSLTest.test("https://revoked-rsa-dv.ssl.com/")
-      expect(error).to eq ("SSL certificate revoked: The certificate was revoked for an unknown reason (revocation date: 2025-06-09 15:07:39 UTC)")
+      expect(error).to eq ("SSL certificate revoked: The certificate was revoked for an unspecified reason (revocation date: 2026-06-09 14:37:38 UTC)")
       expect(valid).to eq(false)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
-    it "returns error on revoked cert (CRL)" do
-      expect(SSLTest).to receive(:test_ocsp_revocation).once.and_return([false, "skip OCSP", nil])
+    it "returns error on revoked cert (CRL)", :retry => 5 do
+      # CRL is tried first and detects the revocation, so OCSP is never used
       expect(SSLTest).to receive(:follow_crl_redirects).once.and_call_original
+      expect(SSLTest).not_to receive(:test_ocsp_revocation)
       valid, error, cert = SSLTest.test("https://revoked.badssl.com/")
-      expect(error).to eq ("SSL certificate revoked: Key Compromise (revocation date: 2025-11-04 21:01:29 UTC)")
+      expect(error).to eq ("SSL certificate revoked: Key Compromise (revocation date: 2026-05-12 21:01:31 UTC)")
       expect(valid).to eq(false)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
     it "stops following redirection after the limit for the revoked certs check" do
       valid, error, cert = SSLTest.test("https://github.com/", redirection_limit: 0)
-      expect(error).to include("Revocation test couldn't be performed: OCSP: Request failed")
+      expect(error).to include("Revocation test couldn't be performed: CRL: Missing crlDistributionPoints extension")
+      expect(error).to include("OCSP: Request failed")
       expect(error).to include("Too many redirections (> 0)")
       expect(valid).to eq(true)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
     it "warns when the OCSP URI is missing" do
-      # Disable CRL fallback to see error message
-      expect(SSLTest).to receive(:test_crl_revocation).once.and_return([false, "skip CRL", nil])
+      # Disable CRL (tried first) to see the OCSP error message
+      expect(SSLTest).to receive(:test_crl_revocation).twice.and_return([false, "skip CRL", nil])
       expect(SSLTest).to receive(:follow_ocsp_redirects).once.and_call_original
       valid, error, cert = SSLTest.test("https://google.com")
-      expect(error).to eq ("Revocation test couldn't be performed: OCSP: Missing OCSP URI in authorityInfoAccess extension, CRL: skip CRL")
+      expect(error).to eq ("Revocation test couldn't be performed: CRL: skip CRL, OCSP: Missing OCSP URI in authorityInfoAccess extension")
       expect(valid).to eq(true)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
     it "works with CRL only" do
-      # Disable OCSP
-      expect(SSLTest).to receive(:test_ocsp_revocation).twice.and_return([false, "skip OCSP", nil])
+      # CRL is tried first and succeeds for both certs, so OCSP is never used
       expect(SSLTest).to receive(:follow_crl_redirects).twice.and_call_original
+      expect(SSLTest).not_to receive(:test_ocsp_revocation)
       valid, error, cert = SSLTest.test("https://www.demarches-simplifiees.fr")
       expect(error).to be_nil
       expect(valid).to eq(true)
@@ -158,20 +172,20 @@ describe SSLTest do
       expect(SSLTest).to receive(:test_ocsp_revocation).once.and_return([false, "skip OCSP", nil])
       expect(SSLTest).not_to receive(:follow_crl_redirects)
       valid, error, cert = SSLTest.test("https://github.com")
-      expect(error).to eq ("Revocation test couldn't be performed: OCSP: skip OCSP, CRL: Missing crlDistributionPoints extension")
+      expect(error).to eq ("Revocation test couldn't be performed: CRL: Missing crlDistributionPoints extension, OCSP: skip OCSP")
       expect(valid).to eq(true)
       expect(cert).to be_a OpenSSL::X509::Certificate
     end
 
-    it "works with OCSP for first cert and CRL for intermediate (Google)" do
+    it "works with OCSP for first cert and CRL for intermediate (GitHub)" do
       expect(SSLTest).to receive(:follow_ocsp_redirects).once.and_call_original
       expect(SSLTest).to receive(:follow_crl_redirects).once.and_call_original
-      valid, error, cert = SSLTest.test("https://google.com")
+      valid, error, cert = SSLTest.test("https://github.com")
       expect(error).to be_nil
       expect(valid).to eq(true)
       expect(cert).to be_a OpenSSL::X509::Certificate
       # make sure both were used
-      expect(SSLTest.cache_size).to match({
+      expect(SSLTest.cache.size).to match({
         crl:  hash_including(lists: 1),
         ocsp: hash_including(responses: 1, errors: 0)
       })
@@ -222,35 +236,8 @@ describe SSLTest do
     end
   end
 
-  describe '.cache_size' do
-    before { SSLTest.flush_cache }
-
-    it "returns 0 by default" do
-      expect(SSLTest.cache_size).to eq({
-        crl:  { bytes: 0,  lists: 0 },
-        ocsp: { bytes: 0, errors: 0, responses: 0 }
-      })
-    end
-
-    it "returns CRL cache size properly" do
-      SSLTest.send(:follow_crl_redirects, URI("http://crl.certigna.fr/certigna.crl")) # 1.1k
-      SSLTest.send(:follow_crl_redirects, URI("http://crl3.digicert.com/DigiCertTLSHybridECCSHA3842020CA1-1.crl")) # 26k
-      expect(SSLTest.cache_size[:crl][:lists]).to eq(2)
-      expect(SSLTest.cache_size[:crl][:bytes]).to be > 6000
-    end
-
-    it "returns OCSP cache size properly" do
-      SSLTest.test("https://google.com")
-      expect(SSLTest.cache_size[:ocsp][:responses]).to eq(1)
-      expect(SSLTest.cache_size[:ocsp][:errors]).to eq(0)
-      expect(SSLTest.cache_size[:ocsp][:bytes]).to be > 150
-      expect(SSLTest.cache_size[:crl][:lists]).to eq(1)
-      expect(SSLTest.cache_size[:crl][:bytes]).to be > 500
-    end
-  end
-
   describe '.follow_crl_redirects' do
-    before { SSLTest.flush_cache }
+    before { SSLTest.cache.clear }
     # 19MB: http://crl3.digicert.com/ssca-sha2-g6.crl
     it "fetch CRL list and updates cache" do
       uri = URI("http://crl.certigna.fr/certigna.crl")
@@ -259,11 +246,11 @@ describe SSLTest do
       expect(error).to be_nil
 
       # Check cache status
-      cache = SSLTest.instance_variable_get('@crl_response_cache')
-      expect(cache.size).to equal 1
-      expect(cache.keys).to match_array [uri]
-      expect(cache[uri].keys).to match_array [:body, :expires, :etag, :last_mod]
-      expect(cache[uri][:expires]).to be > (Time.now + 3590)
+      cache_key = "ssl-test/crl/#{uri}"
+      entry = SSLTest.cache.read(cache_key)
+      expect(entry).not_to be_nil
+      expect(entry.keys).to match_array [:body, :expires, :etag, :last_mod]
+      expect(entry[:expires]).to be > (Time.now + 3590)
 
       # Make sure we return value from cache
       body2, error2 = nil, nil
@@ -272,7 +259,7 @@ describe SSLTest do
       expect(body2).to be(body) # using cache
 
       # Make sure we return cached value in case of 304
-      cache[uri][:expires] = Time.now # cache is now expired
+      SSLTest.cache.write(cache_key, entry.merge(expires: Time.now), expires_in: nil) # cache is now expired
       body2, error2 = nil, nil
       time = Benchmark.realtime { body2, error2 = SSLTest.send(:follow_crl_redirects, uri) }
       expect(time).to be > 0.001 # a request is made
@@ -280,6 +267,33 @@ describe SSLTest do
     end
   end
 
+  describe '.cache' do
+    # Restore the default in-process store after tests that swap the backend so
+    # global state doesn't leak between examples.
+    after { SSLTest.cache = SSLTest::MemoryStore.new }
+
+    it "defaults to an in-process MemoryStore" do
+      SSLTest.instance_variable_set(:@cache, nil) # reset memoized default
+      expect(SSLTest.cache).to be_a SSLTest::MemoryStore
+    end
+
+    it "uses the configured backend for CRL and OCSP" do
+      store = SSLTest::MemoryStore.new
+      SSLTest.cache = store
+      expect(store).to receive(:write).at_least(:once).and_call_original
+      expect(store).to receive(:read).at_least(:once).and_call_original
+      SSLTest.test("https://github.com")
+    end
+
+    it "cache_size (removed in 2.0) raises pointing to cache.size" do
+      expect { SSLTest.cache_size }.to raise_error(NoMethodError, /SSLTest\.cache\.size/)
+    end
+
+    it "flush_cache (removed in 2.0) raises pointing to cache.clear" do
+      expect { SSLTest.flush_cache }.to raise_error(NoMethodError, /SSLTest\.cache\.clear/)
+    end
+  end
+
   describe '.test_cert' do
     it "returns no error on valid SNI website" do
       cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/www_mycs_com_client.pem')))
@@ -323,7 +337,7 @@ describe SSLTest do
     it "reports revocation exceptions" do
       cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/digicert_com_client.pem')))
       ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/digicert_com_ca_bundle.pem')))
-      expect(SSLTest).to receive(:follow_ocsp_redirects).and_raise(ArgumentError.new("test"))
+      expect(SSLTest).to receive(:follow_crl_redirects).and_raise(ArgumentError.new("test"))
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle)
       expect(error).to eq("SSL certificate test failed: test")
       expect(valid).to be_nil
@@ -334,8 +348,9 @@ describe SSLTest do
       cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/revoked_rsa_dv_client.pem')))
       ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/revoked_rsa_dv_ca_bundle.pem')))
 
+      # CRL is tried first; disable it so OCSP performs the revocation check
+      expect(SSLTest).to receive(:test_crl_revocation).once.and_return([false, "skip CRL", nil])
       expect(SSLTest).to receive(:follow_ocsp_redirects).once.and_call_original
-      expect(SSLTest).not_to receive(:follow_crl_redirects)
 
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle)
       expect(error).to eq ("SSL certificate revoked: The certificate was revoked for an unknown reason (revocation date: 2025-06-09 15:07:39 UTC)")
@@ -347,10 +362,11 @@ describe SSLTest do
       cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/revoked_badssl_client.pem')))
       ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/revoked_badssl_ca_bundle.pem')))
 
-      expect(SSLTest).to receive(:test_ocsp_revocation).once.and_return([false, "skip OCSP", nil])
+      # CRL is tried first and detects the revocation, so OCSP is never used
       expect(SSLTest).to receive(:follow_crl_redirects).once.and_call_original
+      expect(SSLTest).not_to receive(:test_ocsp_revocation)
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle)
-      expect(error).to eq ("SSL certificate revoked: Key Compromise (revocation date: 2025-11-04 21:01:29 UTC)")
+      expect(error).to eq ("SSL certificate revoked: Key Compromise (revocation date: 2026-05-12 21:01:31 UTC)")
       expect(valid).to eq(false)
       expect(cert).to eq(cert)
     end
@@ -360,7 +376,8 @@ describe SSLTest do
       ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/www_github_com_ca_bundle.pem')))
 
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle, redirection_limit: 0)
-      expect(error).to include("Revocation test couldn't be performed: OCSP: Request failed")
+      expect(error).to include("Revocation test couldn't be performed: CRL: Missing crlDistributionPoints extension")
+      expect(error).to include("OCSP: Request failed")
       expect(error).to include("Too many redirections (> 0)")
       expect(valid).to eq(true)
       expect(cert).to eq(cert)
@@ -370,12 +387,12 @@ describe SSLTest do
       cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/google_com_client.pem')))
       ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/google_com_ca_bundle.pem')))
 
-      # Disable CRL fallback to see error message
-      expect(SSLTest).to receive(:test_crl_revocation).once.and_return([false, "skip CRL", nil])
+      # Disable CRL (tried first) to see the OCSP error message
+      expect(SSLTest).to receive(:test_crl_revocation).twice.and_return([false, "skip CRL", nil])
       expect(SSLTest).to receive(:follow_ocsp_redirects).once.and_call_original
 
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle)
-      expect(error).to eq ("Revocation test couldn't be performed: OCSP: Missing OCSP URI in authorityInfoAccess extension, CRL: skip CRL")
+      expect(error).to eq ("Revocation test couldn't be performed: CRL: skip CRL, OCSP: Missing OCSP URI in authorityInfoAccess extension")
       expect(valid).to eq(true)
       expect(cert).to eq(cert)
     end
@@ -384,9 +401,9 @@ describe SSLTest do
       cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/www_demarches-simplifiees_fr_client.pem')))
       ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/www_demarches-simplifiees_fr_ca_bundle.pem')))
 
-      # Disable OCSP
-      expect(SSLTest).to receive(:test_ocsp_revocation).twice.and_return([false, "skip OCSP", nil])
+      # CRL is tried first and succeeds for both certs, so OCSP is never used
       expect(SSLTest).to receive(:follow_crl_redirects).twice.and_call_original
+      expect(SSLTest).not_to receive(:test_ocsp_revocation)
 
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle)
       expect(error).to be_nil
@@ -403,25 +420,25 @@ describe SSLTest do
       expect(SSLTest).not_to receive(:follow_crl_redirects)
 
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle)
-      expect(error).to eq ("Revocation test couldn't be performed: OCSP: skip OCSP, CRL: Missing crlDistributionPoints extension")
+      expect(error).to eq ("Revocation test couldn't be performed: CRL: Missing crlDistributionPoints extension, OCSP: skip OCSP")
       expect(valid).to eq(true)
       expect(cert).to eq(cert)
 
     end
 
-    it "works with OCSP for first cert and CRL for intermediate (Google)" do
+    it "works with OCSP for first cert and CRL for intermediate (GitHub)" do
       expect(SSLTest).to receive(:follow_ocsp_redirects).once.and_call_original
       expect(SSLTest).to receive(:follow_crl_redirects).once.and_call_original
 
-      cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/google_com_client.pem')))
-      ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/google_com_ca_bundle.pem')))
+      cert = OpenSSL::X509::Certificate.new(File.read(File.join(__dir__, 'fixtures/www_github_com_client.pem')))
+      ca_bundle = OpenSSL::X509::Certificate.load(File.read(File.join(__dir__, 'fixtures/www_github_com_ca_bundle.pem')))
 
       valid, error, cert = SSLTest.test_cert(cert, ca_bundle)
       expect(error).to be_nil
       expect(valid).to eq(true)
       expect(cert).to eq(cert)
       # make sure both were used
-      expect(SSLTest.cache_size).to match({
+      expect(SSLTest.cache.size).to match({
         crl:  hash_including(lists: 1),
         ocsp: hash_including(responses: 1, errors: 0)
       })
@@ -453,7 +470,8 @@ describe SSLTest do
           expect(valid).to eq(true)
           expect(cert).to eq(cert)
 
-          expect($proxy).to have_received(:do_GET).once
+          # CRL is tried first, so both certs are checked via CRL (GET) through the proxy
+          expect($proxy).to have_received(:do_GET).twice
         end
       end
 

data/ssl-test.gemspec

@@ -20,5 +20,12 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", ">= 1.7"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "rspec"
+  spec.add_development_dependency "rspec-retry"
   spec.add_development_dependency "webrick"
+  # Used to verify SSLTest.cache works with the classic Rails/ActiveSupport
+  # cache stores (MemoryStore, FileStore, NullStore, MemCacheStore via dalli,
+  # RedisCacheStore via redis).
+  spec.add_development_dependency "activesupport"
+  spec.add_development_dependency "dalli"
+  spec.add_development_dependency "redis"
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: ssl-test
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Adrien Rey-Jarthon
 bindir: bin
 cert_chain: []
-date: 2025-11-28 00:00:00.000000000 Z
+date: 2026-06-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -51,6 +51,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-retry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: webrick
   requirement: !ruby/object:Gem::Requirement
@@ -65,6 +79,48 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: dalli
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: redis
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 email:
 - jobs@adrienjarthon.com
 executables: []
@@ -80,8 +136,10 @@ files:
 - Rakefile
 - lib/ssl-test.rb
 - lib/ssl-test/crl.rb
+- lib/ssl-test/memory_store.rb
 - lib/ssl-test/object_size.rb
 - lib/ssl-test/ocsp.rb
+- spec/cache_backends_spec.rb
 - spec/fixtures/digicert_com_ca_bundle.pem
 - spec/fixtures/digicert_com_client.pem
 - spec/fixtures/expired_cert_ca_bundle.pem
@@ -102,6 +160,7 @@ files:
 - spec/fixtures/www_github_com_client.pem
 - spec/fixtures/www_mycs_com_ca_bundle.pem
 - spec/fixtures/www_mycs_com_client.pem
+- spec/memory_store_spec.rb
 - spec/ssl-test_spec.rb
 - ssl-test.gemspec
 homepage: https://github.com/jarthod/ssl-test
@@ -126,6 +185,7 @@ rubygems_version: 3.6.2
 specification_version: 4
 summary: Test website SSL certificate validity
 test_files:
+- spec/cache_backends_spec.rb
 - spec/fixtures/digicert_com_ca_bundle.pem
 - spec/fixtures/digicert_com_client.pem
 - spec/fixtures/expired_cert_ca_bundle.pem
@@ -146,4 +206,5 @@ test_files:
 - spec/fixtures/www_github_com_client.pem
 - spec/fixtures/www_mycs_com_ca_bundle.pem
 - spec/fixtures/www_mycs_com_client.pem
+- spec/memory_store_spec.rb
 - spec/ssl-test_spec.rb