class DRb::DRbSSLSocket::SSLConfig

def setup_certificate

provided.
or that a new certificate is generated with the other parameters
Ensures that :SSLCertificate and :SSLPrivateKey have been provided

def setup_certificate
  if @cert && @pkey
    return
  end
  rsa = OpenSSL::PKey::RSA.new(2048){|p, n|
    next unless self[:verbose]
    case p
    when 0; $stderr.putc "."  # BN_generate_prime
    when 1; $stderr.putc "+"  # BN_generate_prime
    when 2; $stderr.putc "*"  # searching good prime,
                              # n = #of try,
                              # but also data from BN_generate_prime
    when 3; $stderr.putc "\n" # found good prime, n==0 - p, n==1 - q,
                              # but also data from BN_generate_prime
    else;   $stderr.putc "*"  # BN_generate_prime
    end
  }
  cert = OpenSSL::X509::Certificate.new
  cert.version = 3
  cert.serial = 0
  name = OpenSSL::X509::Name.new(self[:SSLCertName])
  cert.subject = name
  cert.issuer = name
  cert.not_before = Time.now
  cert.not_after = Time.now + (365*24*60*60)
  cert.public_key = rsa.public_key
  ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
  cert.extensions = [
    ef.create_extension("basicConstraints","CA:FALSE"),
    ef.create_extension("subjectKeyIdentifier", "hash") ]
  ef.issuer_certificate = cert
  cert.add_extension(ef.create_extension("authorityKeyIdentifier",
                                         "keyid:always,issuer:always"))
  if comment = self[:SSLCertComment]
    cert.add_extension(ef.create_extension("nsComment", comment))
  end
  cert.sign(rsa, "SHA256")
  @cert = cert
  @pkey = rsa
end

Modules

Classes

class DRb::DRbSSLSocket::SSLConfig

def setup_certificate

Instance Methods