class Vines::Command::Cert

Public Instance Methods

create_cert(domain, dir)
# File lib/vines/command/cert.rb, line 12
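# Generate a self-signed RSA certificate for +domain+ and write the
# private key and certificate as PEM files into +dir+.
#
# The files are named "<domain>.key" and "<domain>.crt", with the domain
# lower-cased. The certificate is its own issuer, is marked CA:TRUE, and
# lists both the domain and this machine's hostname as DNS subjectAltNames.
#
# NOTE(review): +domain+ is used unvalidated in the output file name and in
# the comma-separated subjectAltName value. Callers should pass a plain DNS
# name; a value containing a path separator or a comma would change where
# the files land or which names the certificate covers.
#
# @param domain [String] the DNS name the certificate is issued for
# @param dir [String] directory that receives the .key and .crt files
# @return [Hash] the 'key' / 'crt' objects that were written
def create_cert(domain, dir)
  domain = domain.downcase
  key = OpenSSL::PKey::RSA.generate(2048)

  # Build the name from explicit components rather than parsing an
  # interpolated "/C=.../CN=#{domain}" string, so a '/' in the domain
  # cannot introduce additional name components.
  ca = OpenSSL::X509::Name.new([
    %w[C US],
    %w[ST Colorado],
    %w[L Denver],
    ['O', 'Vines XMPP Server'],
    ['CN', domain]
  ])

  now = Time.now
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # zero-based field: 2 means X.509 v3, needed for extensions
  cert.subject = ca
  cert.issuer = ca # self-signed: subject and issuer are the same name
  cert.serial = now.to_i
  cert.public_key = key.public_key
  cert.not_before = now - (24 * 60 * 60) # back-dated one day to tolerate clock skew
  cert.not_after = now + (365 * 24 * 60 * 60)

  factory = OpenSSL::X509::ExtensionFactory.new
  factory.subject_certificate = cert
  factory.issuer_certificate = cert
  cert.extensions = [
    %w[basicConstraints CA:TRUE],
    %w[subjectKeyIdentifier hash],
    %w[subjectAltName] << [domain, hostname].map {|n| "DNS:#{n}" }.join(',')
  ].map {|k, v| factory.create_ext(k, v) }

  # SHA-1 signatures are rejected by current TLS stacks; sign with SHA-256.
  cert.sign(key, OpenSSL::Digest::SHA256.new)

  {'key' => key, 'crt' => cert}.each_pair do |ext, o|
    name = File.join(dir, "#{domain}.#{ext}")
    secret = ext == 'key'
    # Create the private key file owner-only from the start, so it is never
    # readable by other users between creation and a later chmod.
    File.open(name, 'w:utf-8', secret ? 0600 : 0666) do |f|
      # The creation mode is ignored when the file already exists, so
      # tighten permissions before any key material is written.
      f.chmod(0600) if secret
      f.write(o.to_pem)
    end
  end
end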
run(opts)
# File lib/vines/command/cert.rb, line 6
# Entry point for the `vines cert <domain>` command.
#
# Expects exactly one positional argument (the domain), loads the server
# configuration, then writes the certificate into the configured certs
# directory.
#
# @param opts [Hash] reads opts[:args] (positional arguments) and
#   opts[:config] (path handed to +require+)
# @raise [RuntimeError] with the usage string unless exactly one argument is given
def run(opts)
  args = opts[:args]
  raise 'vines cert <domain>' if args.size != 1

  # The config file is loaded with `require`, so it runs as Ruby code with
  # the privileges of the user invoking the command.
  require opts[:config]
  create_cert(args.first, Config.instance.certs)
end

Private Instance Methods

hostname()
# File lib/vines/command/cert.rb, line 45
# Look up this machine's own hostname through the resolver and return the
# first element of the result, lower-cased.
#
# The value depends on the local resolver configuration. create_cert puts
# it into the certificate's subjectAltName.
#
# NOTE(review): Socket.gethostbyname is deprecated in recent Ruby releases;
# confirm the supported Ruby versions before replacing it.
#
# @return [String] lower-cased host name
def hostname
  local_name = Socket.gethostname
  resolved = Socket.gethostbyname(local_name)
  resolved.first.downcase
end