method

sign

v2_5_5 - Show latest stable - Class: Gem::Security

sign(certificate, signing_key, signing_cert, age = ONE_YEAR, extensions = EXTENSIONS, serial = 1)

public

Sign the public key from certificate with the signing_key and signing_cert, using the Gem::Security::DIGEST_ALGORITHM. Uses the default certificate validity range and extensions.

Returns the newly signed certificate.

# File lib/rubygems/security.rb, line 529
  def self.sign certificate, signing_key, signing_cert,
                age = ONE_YEAR, extensions = EXTENSIONS, serial = 1
    signee_subject = certificate.subject
    signee_key     = certificate.public_key

    alt_name = certificate.extensions.find do |extension|
      extension.oid == 'subjectAltName'
    end

    extensions = extensions.merge 'subjectAltName' => alt_name.value if
      alt_name

    issuer_alt_name = signing_cert.extensions.find do |extension|
      extension.oid == 'subjectAltName'
    end

    extensions = extensions.merge 'issuerAltName' => issuer_alt_name.value if
      issuer_alt_name

    signed = create_cert signee_subject, signee_key, age, extensions, serial
    signed.issuer = signing_cert.subject

    signed.sign signing_key, Gem::Security::DIGEST_ALGORITHM.new
  end

sign

Related methods