class OpenSSLExtensions::X509::CertificateChain
Provides a thin wrapper to an Array which contains the full certificate chain. This array, however, has been reorganized to be in the proper order for the chain as follows:
[Site Certificate, Intermediary #1, ..., CA Root]
Where +Intermediary #1+ is the issuing certificate of the +Site Certificate+, followed by #2
which issued #1
, down to the final root signing certificate in last position.
Public Class Methods
new(peer_certificate, certificates)
click to toggle source
# File lib/openssl-extensions/x509/certificate_chain.rb, line 19 def initialize(peer_certificate, certificates) @certificates = [] reorganize!(peer_certificate, certificates) end
Private Instance Methods
method_missing(method, *args, &block)
click to toggle source
# File lib/openssl-extensions/x509/certificate_chain.rb, line 28 def method_missing(method, *args, &block) @certificates.send(method, *args, &block) end
reorganize!(site_certificate, certificates)
click to toggle source
# File lib/openssl-extensions/x509/certificate_chain.rb, line 32 def reorganize!(site_certificate, certificates) return unless site_certificate && !certificates.empty? certificate = nil @certificates << (certificates.delete(site_certificate) || site_certificate || certificates.delete(certificates.detect { |c| c.subject_key_identifier.nil? })) certificate = @certificates.first until certificate.nil? if certificate = certificates.detect { |authority| authority.allows_certificate_signing? && certificate.issuing_certificate?(authority) } @certificates << certificates.delete(certificate) else authority = nil end end end