Module: Sus::Fixtures::OpenSSL::ValidCertificateContext

Includes:

CertificateAuthorityContext

Included in:

InvalidCertificateContext

Defined in:

lib/sus/fixtures/openssl/valid_certificate_context.rb

Instance Method Summary

• #certificate ⇒ Object

  The certificate used for actual communication:.

• #certificate_name ⇒ Object
• #key ⇒ Object

  The private key to use on the server side:.

Methods included from CertificateAuthorityContext

#certificate_authority_certificate, #certificate_authority_key, #certificate_authority_name, #certificate_store

Instance Method Details

#certificate ⇒ Object

The certificate used for actual communication:

# File 'lib/sus/fixtures/openssl/valid_certificate_context.rb', line 24

def certificate
	@certificate ||= ::OpenSSL::X509::Certificate.new.tap do |certificate|
		certificate.subject = certificate_name
		certificate.issuer = certificate_authority_certificate.subject
		
		certificate.public_key = key.public_key
		
		certificate.serial = 2
		certificate.version = 2
		
		# The certificate is valid for one hour:
		certificate.not_before = Time.now - 10
		certificate.not_after = Time.now + 3600
		
		extension_factory = ::OpenSSL::X509::ExtensionFactory.new()
		extension_factory.subject_certificate = certificate
		extension_factory.issuer_certificate = certificate_authority_certificate
		certificate.add_extension extension_factory.create_extension("keyUsage", "digitalSignature", true)
		certificate.add_extension extension_factory.create_extension("subjectKeyIdentifier", "hash")
		
		certificate.sign certificate_authority_key, ::OpenSSL::Digest::SHA256.new
	end
end

#certificate_name ⇒ Object

# File 'lib/sus/fixtures/openssl/valid_certificate_context.rb', line 19

def certificate_name
	::OpenSSL::X509::Name.parse("O=Test/CN=localhost")
end

#key ⇒ Object

The private key to use on the server side:

# File 'lib/sus/fixtures/openssl/valid_certificate_context.rb', line 15

def key
	@key ||= ::OpenSSL::PKey::RSA.new(2048)
end