generate self signed key/cert pair and display the fingerprint

10 years ago · a54d413e22
3 changed files with 41 additions and 2 deletions
--- a/app/controllers/certificates_controller.rb
+++ b/app/controllers/certificates_controller.rb
@ -1,3 +1,5 @@
+require 'openssl'
+
 class CertificatesController < ApplicationController
  before_action :set_certificate, only: [:show, :edit, :update, :destroy]

@ -26,6 +28,22 @@ class CertificatesController < ApplicationController
  def create
    @certificate = Certificate.new(certificate_params)

+    key = OpenSSL::PKey::RSA.new 4096
+    name = OpenSSL::X509::Name.parse 'CN=lex-deeit/DC=weird-web-workers/DC=org'
+
+    cert = OpenSSL::X509::Certificate.new
+    cert.version = 2
+    cert.serial = 0
+    cert.not_before = Time.now
+    cert.not_after = Time.now + 3600
+
+    cert.public_key = key.public_key
+    cert.subject = name
+    cert.sign key, OpenSSL::Digest::SHA256.new
+
+    @certificate.key = key.to_pem
+    @certificate.cert = cert.to_pem
+
    respond_to do |format|
      if @certificate.save
        format.html { redirect_to @certificate, notice: 'Certificate was successfully created.' }
@ -72,3 +90,5 @@ class CertificatesController < ApplicationController
      params.require(:certificate).permit(:key, :cert, :active)
    end
 end
+
+# vim: set et ts=2 sw=2:
--- a/app/models/certificate.rb
+++ b/app/models/certificate.rb
@ -1,2 +1,21 @@
+require "openssl"
+require 'digest/md5'
+
 class Certificate < ActiveRecord::Base
+  def key
+    OpenSSL::PKey::RSA.new read_attribute(:key) if read_attribute(:key)
+  end
+
+  def cert
+    OpenSSL::X509::Certificate.new read_attribute(:cert) if read_attribute(:cert)
+  end
+
+  def key_fpr
+    Digest::SHA1.hexdigest(key.to_der).upcase
+  end
+
+  def cert_fpr
+    Digest::SHA1.hexdigest(cert.to_der).upcase
+  end
 end
+# vim: set et ts=2 sw=2:
--- a/app/views/certificates/index.html.erb
+++ b/app/views/certificates/index.html.erb
@ -15,8 +15,8 @@
  <tbody>
    <% @certificates.each do |certificate| %>
      <tr>
-        <td><%= certificate.key %></td>
-        <td><%= certificate.cert %></td>
+        <td><%= certificate.key_fpr.scan(/../).join(':') %></td>
+        <td><%= certificate.cert_fpr.scan(/../).join(':') %></td>
        <td><%= certificate.active %></td>
        <td><%= link_to 'Show', certificate %></td>
        <td><%= link_to 'Edit', edit_certificate_path(certificate) %></td>