QuickCert allows you to quickly and easily create SSL certificates. It uses a simple configuration file to generate self-signed client and server certificates.
QuickCert is a compilation of NAKAMURA Hiroshi's post to ruby-talk number 89917, the example scripts referenced in the above post, and gen_csr.rb from Ruby's OpenSSL examples.
QuickCert can be used to generate certificates for WEBrick or DRb over SSL. To see how to use SSL with DRb, check out how to set up DRb over SSL.
As root run make install or if you don't have make:
./setup.rb config ./setup.rb setup ./setup.rb install (as root)
This will place a QuickCert executable in your bin dir that looks for qc_config in the current directory, or accepts a path to a qc_config file.
A simple QuickCert configuration file looks like:
full_hostname = `hostname`.strip
domainname = full_hostname.split('.')[1..-1].join('.')
hostname = full_hostname.split('.')[0]
CA[:hostname] = hostname
CA[:domainname] = domainname
CA[:CA_dir] = File.join Dir.pwd, "CA"
CA[:password] = '1234'
CERTS << {
:type => 'server',
:hostname => 'uriel',
:password => '5678',
}
CERTS << {
:type => 'client',
:user => 'drbrain',
:email => 'drbrain@segment7.net',
}This configuration will create a Certificate Authority in a 'CA' directory in the current directory, a server certificate with password '5678' for the server 'uriel' in a directory named 'uriel', and a client certificate for drbrain in the directory 'drbrain' with no password.
There are additional SSL settings you can tweak that are found in the defaults.rb file, which lives in lib/ruby/1.8/QuickCert/.
To generate the certificates, simply create a qc_config file where you want the certificate directories to be created, then run QuickCert.