class SSLCheck::Certificate
Public Class Methods
new(cert, clock=nil)
click to toggle source
# File lib/sslcheck/certificate.rb, line 6 def initialize(cert, clock=nil) @cert = bootstrap_certificate(cert) @clock = clock || DateTime end
Public Instance Methods
alternate_common_names()
click to toggle source
# File lib/sslcheck/certificate.rb, line 50 def alternate_common_names ext = @cert.extensions.find{|ext| ext.oid == "subjectAltName" } return [] unless ext alternates = ext.value.split(",") names = alternates.map{|a| a.scan(/DNS:(.*)/)[0][0]} names end
bootstrap_certificate(cert)
click to toggle source
# File lib/sslcheck/certificate.rb, line 119 def bootstrap_certificate(cert) return cert if cert.is_a?(OpenSSL::X509::Certificate) return cert if cert.is_a?(SSLCheck::Certificate) OpenSSL::X509::Certificate.new cert end
common_name()
click to toggle source
# File lib/sslcheck/certificate.rb, line 46 def common_name subject.scan(/CN=(.*)/)[0][0] end
expired?()
click to toggle source
# File lib/sslcheck/certificate.rb, line 107 def expired? @clock.now > not_after end
expires_in?(num_days)
click to toggle source
# File lib/sslcheck/certificate.rb, line 111 def expires_in?(num_days) (@clock.now.beginning_of_day + num_days.days) >= not_after.beginning_of_day end
issued?()
click to toggle source
# File lib/sslcheck/certificate.rb, line 115 def issued? @clock.now > not_before end
issued_by()
click to toggle source
# File lib/sslcheck/certificate.rb, line 86 def issued_by match = issuer.match("CN=(.*)") match.captures.first if match end
issuer()
click to toggle source
# File lib/sslcheck/certificate.rb, line 58 def issuer @cert.issuer.to_s end
issuer_common_name()
click to toggle source
# File lib/sslcheck/certificate.rb, line 82 def issuer_common_name issued_by end
issuer_country()
click to toggle source
# File lib/sslcheck/certificate.rb, line 62 def issuer_country match = issuer.match(/C=([\w\s]+)/) match.captures.first if match end
issuer_locality()
click to toggle source
# File lib/sslcheck/certificate.rb, line 72 def issuer_locality match = issuer.match(/L=([\w\s]+)/) match.captures.first if match end
issuer_organization()
click to toggle source
# File lib/sslcheck/certificate.rb, line 77 def issuer_organization match = issuer.match(/O=([^\/]+)/) match.captures.first if match end
issuer_state()
click to toggle source
# File lib/sslcheck/certificate.rb, line 67 def issuer_state match = issuer.match(/ST=([\w\s]+)/) match.captures.first if match end
not_after()
click to toggle source
# File lib/sslcheck/certificate.rb, line 103 def not_after DateTime.parse(@cert.not_after.to_s) end
not_before()
click to toggle source
# File lib/sslcheck/certificate.rb, line 99 def not_before DateTime.parse(@cert.not_before.to_s) end
organizational_unit()
click to toggle source
# File lib/sslcheck/certificate.rb, line 41 def organizational_unit match = subject.match(/OU=([\w\s]+)/) match.captures.first if match end
public_key()
click to toggle source
# File lib/sslcheck/certificate.rb, line 91 def public_key @cert.public_key end
subject()
click to toggle source
# File lib/sslcheck/certificate.rb, line 37 def subject @cert.subject.to_s end
to_h()
click to toggle source
# File lib/sslcheck/certificate.rb, line 15 def to_h { :common_name => common_name, :organization_unit => organizational_unit, :not_before => not_before, :not_after => not_after, :issued => true, :expired => false, :issuer => { :common_name => issuer_common_name, :country => issuer_country, :state => issuer_state, :locality => issuer_locality, :organization => issuer_organization } } end
to_s()
click to toggle source
# File lib/sslcheck/certificate.rb, line 33 def to_s @cert.to_s end
to_x509()
click to toggle source
# File lib/sslcheck/certificate.rb, line 11 def to_x509 OpenSSL::X509::Certificate.new @cert.to_s end
verify(ca)
click to toggle source
# File lib/sslcheck/certificate.rb, line 95 def verify(ca) @cert.verify(ca.public_key) end