Skip to content

Instantly share code, notes, and snippets.

@lincank

lincank/self_signed_cert.rb

Forked from nickyp/self_signed_cert.rb
Created October 9, 2012 07:30
Show Gist options
  • Save lincank/3857178 to your computer and use it in GitHub Desktop.
Save lincank/3857178 to your computer and use it in GitHub Desktop.
Download ZIP
create a self-signed certificate using ruby-openssl
Raw
self_signed_cert.rb
require 'rubygems'
require 'openssl'
key = OpenSSL::PKey::RSA.new(1024)
public_key = key.public_key
# uncomment the following line if you when to save key to somewhere
# open '/tmp/key.pem', 'w' do |io| io.write key.to_pem end
# puts 'save to /tmp/key.pem'
subject = "/C=BE/O=Test/OU=Test/CN=Test"
cert = OpenSSL::X509::Certificate.new
cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
cert.not_before = Time.now
cert.not_after = Time.now + 365 * 24 * 60 * 60
cert.public_key = public_key
cert.serial = 0x0
cert.version = 2
ef = OpenSSL::X509::ExtensionFactory.new
ef.subject_certificate = cert
ef.issuer_certificate = cert
cert.extensions = [
ef.create_extension("basicConstraints","CA:TRUE", true),
ef.create_extension("subjectKeyIdentifier", "hash"),
# ef.create_extension("keyUsage", "cRLSign,keyCertSign", true),
]
cert.add_extension ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always")
cert.sign key, OpenSSL::Digest::SHA1.new
# uncomment the following line if you when to save certificate to somewhere
# open '/tmp/cert.pem', 'w' do |io| io.write cert.to_pem end
# puts 'save to /tmp/cert.pem'
puts cert.to_pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment