module CertMaker

Public Class Methods

make_ca(config, verbose=false)

Ensure that the custom CA exists, generating its certificate and key if neither file is present.

# File lib/certmaker.rb, line 30
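# Ensure that the custom CA certificate and private key exist on disk.
#
# When config['certmaker'] has no 'customgoodca' entry, nothing is written and
# the method only reports that a CA will be regenerated on every run.
# Otherwise the 'certfile' and 'keyfile' paths from that entry are checked:
# if both exist nothing is done, if exactly one exists an error is raised,
# and if neither exists a new 'goodca' is generated and written out.
#
# The private key file is created with mode 0600. The CA key can sign
# certificates for any host, so it must not be readable by other local users
# on machines where this CA has been installed as trusted.
#
# @param config [Hash] parsed configuration; reads the 'certmaker', 'certs'
#   and 'hostname' keys
# @param verbose [Boolean] forwarded to FileUtils.mkdir_p as :verbose
# @return [nil]
# @raise [RuntimeError] when only one of the certificate and key files exists
def make_ca(config, verbose=false)
  unless config['certmaker'].has_key? 'customgoodca'
    puts "certmaker does not have a 'customgoodca' entry, so a CA will be regenerated every time."
    return
  end

  customca = config['certmaker']['customgoodca']
  cacert = customca['certfile']
  cakey = customca['keyfile']
  have_cert = File.exist?(cacert)
  have_key = File.exist?(cakey)

  if have_cert && have_key
    puts "CA and CA's key already exist."
  elsif have_cert
    # A certificate without its key cannot sign anything; refuse to overwrite it.
    raise "CA certificate exists, but the key file does not exist?!"
  elsif have_key
    raise "CA certificate does not exist, but the key file exists?!"
  else
    puts "Generating a new CA"
    FileUtils.mkdir_p File.dirname(cacert), :verbose => verbose
    FileUtils.mkdir_p File.dirname(cakey), :verbose => verbose
    csg = CertificateSuiteGenerator.new(config['certs'], config['hostname'], config['certmaker'])
    csg.generate_certificate('goodca', config['certs']['goodca'])
    cadata = csg.certificates['goodca']
    File.open(cacert, "wb") { |f| f.write cadata[:cert] }
    # Owner-only permissions are requested at creation time, so the key is
    # never on disk with the (usually world-readable) umask default.
    File.open(cakey, "wb", 0600) { |f| f.write cadata[:key] }
    puts "New CA generated."
    puts "Make sure you remove or comment out the passphrase in config.yml if you had one previously set!"
  end
end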
make_certs(config, verbose=false)

Generate certificates and keys using config.

Config is usually a data structure derived from parsing a YAML file.

# File lib/certmaker.rb, line 16
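# Generate the certificates and keys described by +config+ and write them to
# config['certmaker']['outdir'] as "<alias>cert.pem" and "<alias>key.pem".
#
# Private key files are written with mode 0600 so that other local users
# cannot read them; certificate files keep the default mode.
#
# @param config [Hash] parsed configuration; reads the 'certmaker', 'certs'
#   and 'hostname' keys
# @param verbose [Boolean] forwarded to FileUtils.mkdir_p as :verbose
# @return [Object] the collection returned by CertificateSuiteGenerator#certificates
def make_certs(config, verbose=false)
  outdir = config['certmaker']['outdir']
  FileUtils.mkdir_p outdir, :verbose => verbose

  certs = CertificateSuiteGenerator.new(config['certs'], config['hostname'], config['certmaker']).certificates

  certs.each do |calias, ck|
    File.open(File.join(outdir, calias + "cert.pem"), "wb") { |f| f.write ck[:cert] }
    File.open(File.join(outdir, calias + "key.pem"), "wb", 0600) do |f|
      # The permission argument only applies when the file is created; a key
      # file left over from an earlier run is tightened before new key
      # material is written into it.
      f.chmod(0600)
      f.write ck[:key]
    end
  end

end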