Method: Tem::Cert.create_subject_cert

Defined in:
lib/tem/_cert.rb

.create_subject_cert(subject_key, issuer_key, issuer_cert) ⇒ Object

Parameters:

  • subject_key

    An OpenSSL::PKey instance that will be this cert’s key

  • issuer_key

    An OpenSSL::PKey instance that will be used to sign this cert (i.e. the issuer’s/manufacturer’s key)

  • issuer_cert

    The OpenSSL::X509::Certificate instance of the authority that issued this cert



# File 'lib/tem/_cert.rb', line 31

def self.create_subject_cert(subject_key, issuer_key, issuer_cert)
  subject_cert = OpenSSL::X509::Certificate.new
  subject_cert.public_key = subject_key.public_key
  # The serial is the current Unix time in seconds. It has no significance,
  # it is just a value for demonstration purposes. Two certs created within
  # the same second get the same serial.
  subject_cert.serial = Time.now.to_i

  subject_dist_name = OpenSSL::X509::Name.new [['CN', 'TEM Device'], ['L', 'Cambridge'], ['ST', 'Massachusetts'],
                       ['O', 'Trusted Execution Modules, Inc.'], ['OU', 'Certificates Division'], ['C', 'US']]
  subject_cert.issuer = issuer_cert.subject
  subject_cert.subject = subject_dist_name
  # Valid from now for ten years.
  subject_cert.not_before = Time.now
  subject_cert.not_after = Time.now + (60 * 60 * 24 * 365.25) * 10
  # Signed with the issuer's private key over a SHA-1 digest. Practical
  # collision attacks exist against SHA-1, so current verifiers may reject it.
  subject_cert.sign issuer_key, OpenSSL::Digest::SHA1.new
  subject_cert
end
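
An added example, not part of lib/tem/_cert.rb: a relying-party check for certificates issued the way create_subject_cert issues them. It verifies the issuer signature and issuer name, then flags the SHA-1 digest, the unset version field (X.509 v1) and the ten-year lifetime. The names audit_subject_cert, sample_cert and demo, the 5-year ceiling and the test CA are assumptions made for this example, and the certificates are constructed sample input.

```ruby
require 'openssl'

WEAK_DIGEST  = /md5|sha1/i
MAX_VALIDITY = 5 * 365.25 * 86_400 # assumed policy ceiling (5 years), in seconds

# Returns the list of problems found in a cert claimed to be issued by issuer_cert.
def audit_subject_cert(cert, issuer_cert)
  findings = []
  findings << :bad_signature   unless cert.verify(issuer_cert.public_key)
  findings << :issuer_mismatch unless cert.issuer.cmp(issuer_cert.subject).zero?
  findings << :weak_digest     if cert.signature_algorithm.match?(WEAK_DIGEST)
  findings << :x509_v1         if cert.version.zero? # version field never set
  findings << :long_validity   if cert.not_after - cert.not_before > MAX_VALIDITY
  findings
end

# Constructed sample input: a throwaway cert with the same fields the
# documented method sets, plus an optional version.
def sample_cert(pub_key, subject, issuer, signing_key, digest:, years:, version: nil)
  cert = OpenSSL::X509::Certificate.new
  cert.version = version if version
  cert.serial = 1
  cert.public_key = pub_key
  cert.subject = subject
  cert.issuer = issuer
  cert.not_before = Time.now
  cert.not_after = cert.not_before + years * 365.25 * 86_400
  cert.sign(signing_key, OpenSSL::Digest.new(digest))
end

def demo
  ca_key = OpenSSL::PKey::RSA.new(2048)
  dev_key = OpenSSL::PKey::RSA.new(2048)
  ca_name  = OpenSSL::X509::Name.parse('/CN=Constructed Test CA')
  dev_name = OpenSSL::X509::Name.parse('/CN=TEM Device')
  ca = sample_cert(ca_key, ca_name, ca_name, ca_key, digest: 'SHA256', years: 1, version: 2)
  issue = ->(signer, **opts) { sample_cert(dev_key, dev_name, ca_name, signer, **opts) }
  # as_on_page: SHA-1, 10 years, no version, as in the method above
  # hardened:   SHA-256, 1 year, X.509 v3
  # wrong_key:  names the CA as issuer but is signed with the device's own key
  { as_on_page: audit_subject_cert(issue.(ca_key, digest: 'SHA1', years: 10), ca),
    hardened:   audit_subject_cert(issue.(ca_key, digest: 'SHA256', years: 1, version: 2), ca),
    wrong_key:  audit_subject_cert(issue.(dev_key, digest: 'SHA256', years: 1, version: 2), ca) }
end

RESULTS = demo
RESULTS.each { |name, findings| puts "#{name}: #{findings.inspect}" }
```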