From e239f9cd4da391496b0eff4fbf8f3aa1f3a047a2 Mon Sep 17 00:00:00 2001
From: The Unnamed Engineer <theunnamedengineer@proton.me>
Date: Wed, 11 Jun 2025 06:20:29 -0400
Subject: [PATCH] Patch IRC config to detect RHEL cert bundle

---
 lib/asterisk/irc_client.rb | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/lib/asterisk/irc_client.rb b/lib/asterisk/irc_client.rb
index 5f2dafd..0c7541a 100644
--- a/lib/asterisk/irc_client.rb
+++ b/lib/asterisk/irc_client.rb
@@ -10,6 +10,15 @@ class W3DHub
       TAG = "IRCClient"
 
       class SSL
+        # Detect system CA bundle path for SSL verification
+        def self.ca_bundle_path
+          [
+            '/etc/ssl/certs/ca-certificates.crt',      # Debian/Ubuntu
+            '/etc/pki/tls/certs/ca-bundle.crt',        # RHEL/Fedora/CentOS
+            '/etc/ssl/ca-bundle.pem'                   # Some other distros
+          ].find { |path| File.exist?(path) }
+        end
+
         def self.default_context
           verify_peer_and_hostname
         end
@@ -23,7 +32,13 @@ class W3DHub
         def self.verify_peer
           no_verify.tap do |context|
             context.verify_mode = OpenSSL::SSL::VERIFY_PEER
-            context.cert_store = OpenSSL::X509::Store.new.tap(&:set_default_paths)
+            context.cert_store = OpenSSL::X509::Store.new
+            ca_file = ca_bundle_path
+            if ca_file
+              context.cert_store.add_file(ca_file)
+            else
+              context.cert_store.set_default_paths
+            end
           end
         end