Hello all and thanks for your time reading this.
I need to verify certificates issued by my own CA, for which I have a certificate. How can I do the equivalent to openssl's
openssl verify -CAfile
in Ruby code? The RDoc for OpenSSL is not very helpful in this regard. I've tried:
require 'openssl' ca = OpenSSL::X509::Certificate.new(File.read('ca-cert.pem')) lic = OpenSSL::X509::Certificate.new(File.read('cert.pem')) puts lic.verify( ca )
but I get:
test.rb:7:in `verify': wrong argument (OpenSSL::X509::Certificate)! (Expected kind of OpenSSL::PKey::PKey) (TypeError) from test.rb:7
I can't even find "verify" in the OpenSSL Rdoc at http://www.ruby-doc.org/stdlib/libdoc/openssl/rdoc/index.html.
Any help is appreciated. Thanks again!
You need to validate with
lic.verify(ca.public_key)
in addition before that you can verify certificate issuer with
lic.issuer.to_s == ca.subject.to_s
I used one Japanese help page to get the list of available methods :)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With