mirror of
https://github.com/puma/puma.git
synced 2022-11-09 13:48:40 -05:00
56 lines
1.4 KiB
Ruby
56 lines
1.4 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
=begin
|
|
regenerates cert_puma.pem and puma_keypair.pem
|
|
dates, key length & sign_algorithm are changed
|
|
|
|
JRuby:
|
|
after running this file, delete server.p12 and keystore.jks, then (I think)
|
|
cd examples/puma
|
|
openssl pkcs12 -export -password pass:jruby_puma -inkey puma_keypair.pem -in cert_puma.pem -name puma -out server.p12
|
|
keytool -importkeystore -srckeystore server.p12 -srcstoretype pkcs12 -srcstorepass jruby_puma -destkeystore keystore.jks -deststoretype JKS -storepass jruby_puma
|
|
=end
|
|
|
|
require 'openssl'
|
|
|
|
module Generate
|
|
|
|
KEY_LEN = 2048
|
|
SIGN_ALGORITHM = OpenSSL::Digest::SHA256
|
|
|
|
FNC = 'cert_puma.pem'
|
|
FNK = 'puma_keypair.pem'
|
|
|
|
class << self
|
|
|
|
def run
|
|
ca_key = OpenSSL::PKey::RSA.new KEY_LEN
|
|
key = OpenSSL::PKey::RSA.new KEY_LEN
|
|
|
|
raw = File.read File.join(__dir__, FNC), mode: 'rb'
|
|
|
|
cert = OpenSSL::X509::Certificate.new raw
|
|
puts "\nOld:", cert.to_text, ""
|
|
|
|
now = Time.now.utc
|
|
mo = now.month
|
|
yr = now.year
|
|
zone = '+00:00'
|
|
|
|
cert.not_before = Time.new yr , mo, 1, 0, 0, 0, zone
|
|
cert.not_after = Time.new yr+4, mo, 1, 0, 0, 0, zone
|
|
cert.public_key = key.public_key
|
|
cert.sign ca_key, SIGN_ALGORITHM.new
|
|
puts "New:", cert.to_text, ""
|
|
|
|
Dir.chdir __dir__ do
|
|
File.write FNC, cert.to_pem, mode: 'wb'
|
|
File.write FNK, key.to_pem , mode: 'wb'
|
|
end
|
|
rescue => e
|
|
puts "error: #{e.message}"
|
|
end
|
|
end
|
|
end
|
|
|
|
Generate.run
|