From f35d7468f01bac597936cb0906ca6860cf7d4cf2 Mon Sep 17 00:00:00 2001
From: Dina <dina.westland@couchsurfing.com>
Date: Tue, 29 Jul 2014 11:26:43 -0700
Subject: [PATCH] Throw error when chain certs are *not*
 OpenSSL::X509::Certificate

It looks like the logic to check for cert types was inverted in a recent refactor.
---
 src/main/java/org/jruby/ext/openssl/SSLContext.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/org/jruby/ext/openssl/SSLContext.java b/src/main/java/org/jruby/ext/openssl/SSLContext.java
index 1a9bd1c6..9c603692 100644
--- a/src/main/java/org/jruby/ext/openssl/SSLContext.java
+++ b/src/main/java/org/jruby/ext/openssl/SSLContext.java
@@ -570,7 +570,7 @@ private X509Cert[] convertToX509Certs(final ThreadContext context, IRubyObject v
 
                 public IRubyObject call(ThreadContext context, IRubyObject[] args, Block block) {
                     final IRubyObject cert = args[0];
-                    if ( _Certificate.isInstance(cert) ) {
+                    if ( ! ( _Certificate.isInstance(cert) ) ) {
                         throw context.runtime.newTypeError("wrong argument : " + cert.inspect() + " is not a " + _Certificate.getName());
                     }
                     result.add((X509Cert) cert);