StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PORuby Generate Self-Signed Certificate
primarykey
Id
2381394
data
AcceptedAnswerId
2389465
AnswerCount
3
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2010-03-04T17:31:50.107
FavoriteCount
4
LastActivityDate
2017-05-26T18:07:44.783
LastEditDate
2013-05-16T18:49:32.387
LastEditorUserId
677684
OwnerUserId
277028
ParentId
0
PostTypeId
1
Score
7
ViewCount
5569
LastEditorDisplayName
text
Body
I'm trying to generate a self-signed certificate in ruby, but am running into trouble. This is what I currently have right now: <pre><code>require 'openssl' if ARGV.length != 3 then puts "USAGE: #{__FILE__} <type[der|pem]> <private-out> <public-out>" exit end type = ARGV[0].downcase privateKeyFile = ARGV[1] publicKeyFile = ARGV[2] values = [{ 'C' => 'US'}, {'ST' => 'SomeState'}, { 'L' => 'SomeCity'}, { 'O' => 'Organization'}, {'OU' => 'Organizational Unit'}, {'CN' => "somesite.com"}] name = values.collect{ |l| l.collect { |k, v| "/#{k}=#{v}" }.join }.join key = OpenSSL::PKey::RSA.generate(1024) pub = key.public_key ca = OpenSSL::X509::Name.parse(name) cert = OpenSSL::X509::Certificate.new cert.version = 2 cert.serial = 1 cert.subject = ca cert.issuer = ca cert.public_key = pub cert.not_before = Time.now cert.not_before = Time.now + (360 * 24 * 3600) File.open(privateKeyFile + "." + type, "w") {|f| f.write key.send("to_#{type}") } File.open(publicKeyFile + "." + type, "w") {|f| f.write cert.send("to_#{type}") } </code></pre> When I try to use the generated private key and certificate in apache, I get this error: <pre><code>[Thu Mar 04 10:58:44 2010] [error] Init: Unable to read server certificate from file /etc/ssl/certs/gnarly.pem [Thu Mar 04 10:58:44 2010] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Thu Mar 04 10:58:44 2010] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error </code></pre> This is what my certificate says: <pre><code>-----BEGIN CERTIFICATE----- <lots of stuff> -----END CERTIFICATE----- </code></pre> It calls itself a certificate instead of a CSR, which is what most of the things I've found online say about that apache2 error (that I might have gotten the CSR and CERT mixed up). My guess is that I'm not generating the right type of certificate. Maybe I have to change the serial or version attributes. Also, I'm not doing any self-signing anywhere, not that I know of anyways. I know you can do something like this though: <pre><code>require "openssl" key = OpenSSL::PKey::RSA.generate(1024) signature = key.sign(OpenSSL::Digest::SHA1.new, "data to sign") </code></pre> Reminder: My goal is to generate a self-signed certificate, in case my long-ish question lost focus on the way. EDIT: I guess the real question is how to sign a certificate with a key
Tags
<ruby><openssl><ssl-certificate><x509certificate>
Title
Ruby Generate Self-Signed Certificate
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USTilo
UserOwnerUserId
1. USMarkus Orrelly
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PORuby Generate Self-Signed Certificate
 UserUserId
 USRalf Edmund
 VoteTypeVoteTypeId
 VTFavorite
2. VO
 singulars
 PostPostId
 PORuby Generate Self-Signed Certificate
 UserUserId
 USc2h2
 VoteTypeVoteTypeId
 VTFavorite
3. VO
 singulars
 PostPostId
 PORuby Generate Self-Signed Certificate
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COAny one who will be interested I prepared csr exammple in ruby, You can find it here: https://gist.github.com/1922961
 singulars
 PostPostId
 PORuby Generate Self-Signed Certificate
 UserUserId
 USmtfk

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.