certificate_authority icon indicating copy to clipboard operation
certificate_authority copied to clipboard
verified publisher icon cchandler

Signing certs with loaded pem files

Open timgurney-msm opened this issue 9 years ago • 1 comments

I am doing something like this: signing_key = OpenSSL::X509::Certificate.new File.read "intermediate.pem" plain_cert = CertificateAuthority::Certificate.new plain_cert.subject.common_name = "mydomain.com" plain_cert.serial_number.number = 4 plain_cert.key_material.generate_key plain_cert.parent = signing_key plain_cert.sign!

just to test the loading and pems to sign client certs. and i get the following error:

gems/certificate_authority-0.1.6/lib/certificate_authority/certificate.rb:58:in sign!': undefined methoddistinguished_name' for #OpenSSL::X509::Certificate:0x00000001801438 (NoMethodError)

Am I missing something?

The root and intermediate were built using the example code and saved to disk using to_pem

timgurney-msm avatar Apr 26 '16 12:04 timgurney-msm

Necro-ing this because I had the same question and ended up here first before reading the specs.

Can't use the OpenSSL::X509::Certificate directly here, we need a CertificateAuthority::Certificate, so something like

intermediate_certificate = CertificateAuthority::Certificate.from_x509_cert(File.read "intermediate.pem")
intermediate_certificate.key_material = CertificateAuthority::KeyMaterial.from_x509_key_pair(File.read "keypair.pem") # if we set a password on the key PEM, pass that as a second argument here
.
.
.
plain_cert.parent = intermediate_certificate
plain_cert.sign!

robheittman avatar Jul 02 '21 19:07 robheittman