module EaSSL

About EaSSL

Author

Paul Nicholson (paul@webpowerdesign.net)

Co-Author

Adam Williams (adam@thewilliams.ws)

Copyright

Copyright © 2006 WebPower Design

License

Distributes under the same terms as Ruby

By requiring eassl, you can load the full set of EaSSL classes.

For a full list of features and instructions, see the README.

EaSSL is a module containing all of the great EaSSL classes for creating and managing openSSL keys, signing request, and certificates.

Constants

VERSION

Public Class Methods

config_webrick(webrick_config, options = {}) click to toggle source
# File lib/eassl.rb, line 31
def self.config_webrick(webrick_config, options = {})
  hostname = `hostname`.strip
  eassl_host_dir = "#{File.expand_path('~')}/.eassl/#{hostname}"
  ca_cert_file = "#{eassl_host_dir}/ca.crt"
  ca_key_file = "#{eassl_host_dir}/ca.key"
  server_key_file = "#{eassl_host_dir}/server.key"
  server_cert_file = "#{eassl_host_dir}/server.crt"
  FileUtils.rm_rf(eassl_host_dir) if options[:force_regeneration]

  if File.exist?(server_cert_file)
    key = Key.load(server_key_file, 'countinghouse1234')
    cert = Certificate.load(server_cert_file)
  else
    ca, sr, cert = self.generate_self_signed({:name => {:common_name => hostname}, :bits => 1024}.update(options))
    key = sr.key
    FileUtils.makedirs(eassl_host_dir)
    File.open(%(#{ca_cert_file}.pem), "w", 0777) {|f| f << ca.certificate.to_pem }
    File.open(%(#{ca_cert_file}.der), "w", 0777) {|f| f << ca.certificate.to_der }
    File.open(ca_key_file, "w", 0777) {|f| f << ca.key.to_pem }
    File.open(server_key_file, "w", 0777) {|f| f << key.to_pem }
    File.open(server_cert_file, "w", 0777) {|f| f << cert.to_pem }
  end

  webrick_config.update({
    :SSLEnable       => true,
    :SSLPrivateKey => key.ssl,
    :SSLCertificate => cert.ssl,
    :SSLExtraChainCert => [Certificate.load(%(#{ca_cert_file}.pem)).ssl],
    :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
    :SSLStartImmediately => true,
  })
end
generate_self_signed(options) click to toggle source
# File lib/eassl.rb, line 24
def self.generate_self_signed(options)
  ca = CertificateAuthority.new({:bits => 1024}.update(options[:ca_options]||{}))
  sr = SigningRequest.new(options)
  cert = ca.create_certificate(sr)
  [ca, sr, cert]
end