require 'openssl'
key = OpenSSL::PKey::RSA.new(2048)
publickey = key.publickey
name = OpenSSL::X509::Name.parse("CN=example.com")
cert = OpenSSL::X509::Certificate.new cert.version = 2 cert.serial = 0 cert.subject = name cert.issuer = name cert.publickey = publickey cert.notbefore = Time.now cert.notafter = Time.now + 365 * 24 * 60 * 60 # 1 year validity
ef = OpenSSL::X509::ExtensionFactory.new ef.subjectcertificate = cert ef.issuercertificate = cert cert.extensions = [ ef.createextension("basicConstraints","CA:TRUE", true), ef.createextension("subjectKeyIdentifier", "hash"), ef.createextension("authorityKeyIdentifier", "keyid:always,issuer:always"), ] cert.addextension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always") cert.sign(key, OpenSSL::Digest::SHA256.new)
File.write('example.com.crt', cert.topem) File.write('example.com.key', key.topem)
require 'openssl'
key = OpenSSL::PKey::RSA.new(2048)
publickey = key.publickey
name = OpenSSL::X509::Name.parse("CN=example.com")
cert = OpenSSL::X509::Certificate.new
cert.version = 2
cert.serial = 0
cert.subject = name
cert.issuer = name
cert.publickey = publickey
cert.notbefore = Time.now
cert.notafter = Time.now + 365 * 24 * 60 * 60 # 1 year validity
ef = OpenSSL::X509::ExtensionFactory.new
ef.subjectcertificate = cert
ef.issuercertificate = cert
cert.extensions = [
ef.createextension("basicConstraints","CA:TRUE", true),
ef.createextension("subjectKeyIdentifier", "hash"),
ef.createextension("authorityKeyIdentifier", "keyid:always,issuer:always"),
]
cert.addextension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")
cert.sign(key, OpenSSL::Digest::SHA256.new)
File.write('example.com.crt', cert.topem)
File.write('example.com.key', key.topem)