setup_certificate()
public
Ensures that :SSLCertificate and :SSLPrivateKey have been provided or that
a new certificate
is generated with the other parameters provided.
Show source
def setup_certificate
if @cert && @pkey
return
end
rsa = OpenSSL::PKey::RSA.new(1024){|p, n|
next unless self[:verbose]
case p
when 0; $stderr.putc "."
when 1; $stderr.putc "+"
when 2; $stderr.putc "*"
when 3; $stderr.putc "\n"
else; $stderr.putc "*"
end
}
cert = OpenSSL::X509::Certificate.new
cert.version = 3
cert.serial = 0
name = OpenSSL::X509::Name.new(self[:SSLCertName])
cert.subject = name
cert.issuer = name
cert.not_before = Time.now
cert.not_after = Time.now + (365*24*60*60)
cert.public_key = rsa.public_key
ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
cert.extensions = [
ef.create_extension("basicConstraints","CA:FALSE"),
ef.create_extension("subjectKeyIdentifier", "hash") ]
ef.issuer_certificate = cert
cert.add_extension(ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always"))
if comment = self[:SSLCertComment]
cert.add_extension(ef.create_extension("nsComment", comment))
end
cert.sign(rsa, OpenSSL::Digest::SHA1.new)
@cert = cert
@pkey = rsa
end
RSpec
Ruby on Rails
Ruby
= private
= protected
