class EaSSL::AuthorityCertificate

Author

Paul Nicholson (paul@webpowerdesign.net)

Co-Author

Adam Williams (adam@thewilliams.ws)

Copyright

Copyright © 2006 WebPower Design

License

Distributed under the same terms as Ruby

Public Class Methods

load(pem_file_path)
# File lib/eassl/authority_certificate.rb, line 55
# Builds a wrapper around a certificate stored in a PEM file.
#
# The instance is created with empty options, so its :key stays at the
# default of nil; only the parsed certificate is available on the result.
# The file is read in full and passed to the instance-level #load, which
# parses it but performs no trust, expiry or CA-constraint checks.
#
# @param pem_file_path [String] path of the PEM file to read
# @return [Object] whatever the instance-level #load returns (the new instance)
def self.load(pem_file_path)
  authority = new({})
  authority.load(File.read(pem_file_path))
end
new(options)
# File lib/eassl/authority_certificate.rb, line 9
# Records the construction options on top of the defaults.
#
# No validation happens here: :key is documented as required but defaults
# to nil, and a missing key only surfaces later, when #ssl tries to use it.
#
# @param options [Hash] caller-supplied settings; entries override the defaults
def initialize(options)
  defaults = {
    :key => nil,  # required: signing key, read via #public_key / #private_key in #ssl
    :name => {},  # required: attributes handed to CertificateName
  }
  @options = defaults.merge(options)
end

Public Instance Methods

load(pem_string)
# File lib/eassl/authority_certificate.rb, line 46
# Parses a PEM string and stores the resulting certificate as the wrapped
# certificate, replacing any certificate held before.
#
# This only parses. Nothing here checks the validity period, the signature,
# or whether the certificate is actually marked as a CA; callers that need
# those guarantees must check them on the loaded certificate.
#
# @param pem_string [String] PEM text of an X.509 certificate
# @return [self] the receiver, so calls can be chained
# @raise [RuntimeError] with a fixed message when parsing fails
def load(pem_string)
  @ssl = OpenSSL::X509::Certificate.new(pem_string)
  self
rescue
  # A bare rescue catches StandardError; the parser's own message is replaced
  # by this generic one (the original error stays reachable via #cause).
  raise "CertificateLoader: Error loading certificate"
end
method_missing(method)
# File lib/eassl/authority_certificate.rb, line 42
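# Forwards calls this class does not define to the wrapped certificate
# returned by #ssl.
#
# Arguments and a block are passed through; the earlier one-parameter form
# raised ArgumentError for any delegated call that took arguments.
# public_send is used so that only the certificate's public API is reachable
# through the wrapper; plain send would also dispatch to private methods.
#
# Calling #ssl may generate and sign a certificate on first use.
# NOTE(review): no respond_to_missing? is visible alongside this method, so
# respond_to? may not report the delegated methods -- confirm in the class.
#
# @param method [Symbol] name of the method being called
# @param args [Array] arguments to forward
# @return [Object] whatever the wrapped certificate returns
def method_missing(method, *args, &block)
  ssl.public_send(method, *args, &block)
end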
ssl()
# File lib/eassl/authority_certificate.rb, line 16
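# Returns the wrapped certificate, generating a self-signed CA certificate
# the first time it is needed and caching it in @ssl.
#
# The generated certificate is valid from now for 5 * 365 days, uses the
# CertificateName built from @options[:name] (common name defaults to "CA")
# as both subject and issuer, and is signed with @options[:key].
#
# The signature digest is SHA-256. SHA-1 is no longer collision resistant
# and is rejected for certificate signatures by current OpenSSL policy
# levels, so it is not used here.
#
# NOTE(review): the serial number is fixed at 1, so every CA produced by this
# method carries the same serial. basicConstraints and keyUsage are emitted
# without the critical flag -- RFC 5280 expects basicConstraints to be
# critical on CA certificates; confirm whether consumers rely on that.
#
# @return [OpenSSL::X509::Certificate] the loaded or generated certificate
# @raise [NoMethodError] when no certificate is loaded and @options[:key] is nil
def ssl
  return @ssl if @ssl

  cert = OpenSSL::X509::Certificate.new
  cert.not_before = Time.now
  cert.subject = cert.issuer = CertificateName.new({ :common_name => "CA" }.update(@options[:name])).name
  cert.not_after = cert.not_before + (365 * 5) * 24 * 60 * 60
  cert.public_key = @options[:key].public_key
  cert.serial = 1
  cert.version = 2 # X509v3

  # Self-signed: the certificate is its own issuer for extension generation.
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = cert
  cert.extensions = [
    ef.create_extension("basicConstraints", "CA:TRUE"),
    ef.create_extension("keyUsage", "cRLSign, keyCertSign"),
    ef.create_extension("subjectKeyIdentifier", "hash"),
    ef.create_extension("nsComment", "Ruby/OpenSSL/EaSSL Generated Certificate"),
  ]
  # Added after the others because it is derived from the subjectKeyIdentifier
  # already present on the (self-)issuer certificate.
  cert.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always"))
  cert.sign(@options[:key].private_key, OpenSSL::Digest::SHA256.new)
  @ssl = cert
end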