Add cert_store option (#330)

README.md

@@ -87,6 +87,7 @@ The `:ssl` transport establishes a connection to the winrm endpoint over a secur
 * `:no_ssl_peer_verification` - when set to `true` ssl certificate validation is not performed. With a self signed cert, its a match made in heaven!
 * `:ssl_peer_fingerprint` - when this is provided, normal certificate validation is skipped and instead the given fingerprint is matched against the certificate of the endpoint for verification.
 * `:ca_trust_path` - the path to a certificate `.pem` file to trust. Its similar to the `:ssl_peer_fingerprint` but contains the entire certificate to trust.
+* `:cert_store` - an OpenSSL::X509::X509::Store object used for certificate verification.
 
 ### `:kerberos`
 ```ruby

lib/winrm/http/transport.rb

@@ -162,6 +162,7 @@ def initialize(endpoint, user, pass, opts)
         no_ssl_peer_verification! if opts[:no_ssl_peer_verification]
         @ssl_peer_fingerprint = opts[:ssl_peer_fingerprint]
         @httpcli.ssl_config.set_trust_ca(opts[:ca_trust_path]) if opts[:ca_trust_path]
+        @httpcli.ssl_config.cert_store = opts[:cert_store] if opts[:cert_store]
       end
 
       def send_request(message)
@@ -269,6 +270,7 @@ def initialize(endpoint, user, pass, opts)
         no_ssl_peer_verification! if opts[:no_ssl_peer_verification]
         @ssl_peer_fingerprint = opts[:ssl_peer_fingerprint]
         @httpcli.ssl_config.set_trust_ca(opts[:ca_trust_path]) if opts[:ca_trust_path]
+        @httpcli.ssl_config.cert_store = opts[:cert_store] if opts[:cert_store]
       end
     end
 
@@ -281,6 +283,7 @@ def initialize(endpoint, client_cert, client_key, key_pass, opts)
         no_ssl_peer_verification! if opts[:no_ssl_peer_verification]
         @ssl_peer_fingerprint = opts[:ssl_peer_fingerprint]
         @httpcli.ssl_config.set_trust_ca(opts[:ca_trust_path]) if opts[:ca_trust_path]
+        @httpcli.ssl_config.cert_store = opts[:cert_store] if opts[:cert_store]
       end
     end