Class: LeapCA::Cert

Inherits:
CouchRest::Model::Base
  • Object
Defined in:
lib/leap_ca/cert.rb

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.pick_from_pool ⇒ Object



# File 'lib/leap_ca/cert.rb', line 40

# Claims one record from the certificate pool and hands it to the caller.
#
# The sampled record is destroyed before it is returned, so a record that was
# handed out successfully is no longer available to later callers.
#
# @return [Object] the sampled record, after its #destroy call succeeded
# @raise [RECORD_NOT_FOUND] when sampling yields nothing, or when destroy
#   failed and the by_random view reports no remaining records
def pick_from_pool
  claimed = sample
  raise RECORD_NOT_FOUND unless claimed

  # Delete first, return second: the caller only receives a record whose
  # removal from the pool went through.
  claimed.destroy
  claimed
rescue RESOURCE_NOT_FOUND
  # Presumably raised when another consumer deleted the sampled record
  # first - confirm against the storage layer.
  # NOTE(review): the retry has no attempt counter; it stops only once the
  # view reports an empty pool.
  raise RECORD_NOT_FOUND unless by_random.count > 0

  retry
end

.sample ⇒ Object



# File 'lib/leap_ca/cert.rb', line 36

# Picks one record from the by_random view at a random start position.
#
# Asks the view for the first record at or after a random key and falls back
# to the view's first record when nothing lies at or after that key.
# Assumes the view is keyed by a number in [0, 1) - TODO confirm against the
# view definition.
#
# Kernel#rand is not a cryptographic generator; here it only selects which
# pooled record is returned.
#
# @return [Object, nil] a record, or nil when the view yields none
def sample
  from_random_key = by_random.startkey(rand).first
  return from_random_key if from_random_key

  by_random.first
end

Instance Method Details

#generate ⇒ Object

Generates the private key and client certificate.



# File 'lib/leap_ca/cert.rb', line 54

# Builds a new client key pair and certificate, signs the certificate with the
# root CA, and stores the PEM encodings on this record.
#
# Assigns valid_until, key and cert on self. This method does not call save
# itself.
#
# @return [Object] the value assigned to cert (the certificate's to_pem result)
def generate
  certificate = CertificateAuthority::Certificate.new

  # Subject: only the common name is set, taken from random_common_name.
  certificate.subject.common_name = random_common_name

  # Validity window: starts at `yesterday` and ends after the configured
  # lifespan. NOTE(review): backdating presumably absorbs clock skew between
  # the CA and clients - confirm.
  self.valid_until = months_from_yesterday(Config.client_cert_lifespan)
  certificate.not_before = yesterday
  certificate.not_after = self.valid_until

  # Serial number, then a fresh key of the configured bit size.
  certificate.serial_number.number = cert_serial_number
  certificate.key_material.generate_key(Config.client_cert_bit_size)

  # Issue: chain to the root CA and sign with the client signing profile.
  certificate.parent = Cert.root_ca
  certificate.sign! client_signing_profile

  # NOTE(review): the private key is kept on the record next to the
  # certificate, and to_pem is called without a passphrase, so it looks
  # unencrypted at rest - confirm that access to the store is restricted.
  self.key = certificate.key_material.private_key.to_pem
  self.cert = certificate.to_pem
end