@danascheider
Forked from danieldreier/create_ca.rb
Last active August 29, 2015 14:05
#!/usr/bin/env ruby
require 'certificate_authority'
require 'fileutils'

# Info for the 3 certs. :parent is an index into `certs`, resolved in the
# loop below, because a parent certificate does not exist until it is signed.
cert_data = [
  {
    common_name: 'Dummy CA Root Certificate',
    serial_number: 1,
    signing_entity: true,
    signing_profile: { 'extensions' => { 'keyUsage' => { 'usage' => ['critical', 'keyCertSign'] } } }
  },
  {
    common_name: 'Dummy Intermediate Certificate',
    serial_number: 2,
    signing_entity: true,
    parent: 0,
    signing_profile: { 'extensions' => { 'keyUsage' => { 'usage' => ['critical', 'keyCertSign'] } } }
  },
  {
    # Placeholder value; hostname verification needs a bare DNS name, not a URL.
    common_name: 'http://mydomain.com',
    serial_number: 3,
    parent: 1
  }
]

certs = []
cert_data.each do |hash|
  cert = CertificateAuthority::Certificate.new
  cert.subject.common_name = hash[:common_name]
  cert.serial_number.number = hash[:serial_number]
  cert.key_material.generate_key
  # Only set a parent when one is given; the root is self-signed.
  cert.parent = certs[hash[:parent]] if hash[:parent]
  cert.signing_entity = hash.fetch(:signing_entity, false)
  cert.sign!(hash.fetch(:signing_profile, {}))
  certs << cert
end

root_cert, intermediate_cert, plain_cert = certs[0], certs[1], certs[2]

# The output directories must exist before the files are written.
FileUtils.mkdir_p('ssl/sites')

# Private keys are created with mode 0600 so only the owner can read them.
File.open('ssl/root_ca.cert.pem', "w") do |file|
  file.write root_cert.to_pem
end
File.open('ssl/root_ca-private.key.pem', "w", 0600) do |file|
  file.write root_cert.key_material.private_key.to_pem
end
File.open('ssl/root_ca-public.key.pem', "w") do |file|
  file.write root_cert.key_material.public_key.to_pem
end

File.open('ssl/intermediate_ca.cert.pem', "w") do |file|
  file.write intermediate_cert.to_pem
end
File.open('ssl/intermediate_ca-private.key.pem', "w", 0600) do |file|
  file.write intermediate_cert.key_material.private_key.to_pem
end
File.open('ssl/intermediate_ca-public.key.pem', "w") do |file|
  file.write intermediate_cert.key_material.public_key.to_pem
end

File.open('ssl/sites/website.cert.pem', "w") do |file|
  file.write plain_cert.to_pem
end
File.open('ssl/sites/website-private.key.pem', "w", 0600) do |file|
  file.write plain_cert.key_material.private_key.to_pem
end
File.open('ssl/sites/website-public.key.pem', "w") do |file|
  file.write plain_cert.key_material.public_key.to_pem
end

# Bundle of the root and intermediate certificates for use as a CA file.
File.open('ssl/ca-chain', "w") do |file|
  file.write root_cert.to_pem
  file.write intermediate_cert.to_pem
end

# verify output with
# openssl verify -verbose -purpose sslserver -CAfile ssl/ca-chain ssl/sites/website.cert.pem

source 'https://rubygems.org'
gem 'bundler', '~> 1.5.2'
gem 'rake', '~> 10.3.2'
gem 'certificate_authority', '~> 0.1.6'

GEM
  remote: https://rubygems.org/
  specs:
    activemodel (4.1.4)
      activesupport (= 4.1.4)
      builder (~> 3.1)
    activesupport (4.1.4)
      i18n (~> 0.6, >= 0.6.9)
      json (~> 1.7, >= 1.7.7)
      minitest (~> 5.1)
      thread_safe (~> 0.1)
      tzinfo (~> 1.1)
    builder (3.2.2)
    certificate_authority (0.1.6)
      activemodel (>= 3.0.6)
    i18n (0.6.11)
    json (1.8.1)
    minitest (5.4.0)
    rake (10.3.2)
    thread_safe (0.3.4)
    tzinfo (1.2.2)
      thread_safe (~> 0.1)

PLATFORMS
  ruby

DEPENDENCIES
  bundler (~> 1.5.2)
  certificate_authority (~> 0.1.6)
  rake (~> 10.3.2)