generate self signed key/cert pair and display the fingerprint

10 years ago · a54d413e22
3 changed files with 41 additions and 2 deletions
--- a/app/controllers/certificates_controller.rb
+++ b/app/controllers/certificates_controller.rb
@ -1,3 +1,5 @@
 require 'openssl'
 class CertificatesController < ApplicationController
  before_action :set_certificate, only: [:show, :edit, :update, :destroy]
@ -26,6 +28,22 @@ class CertificatesController < ApplicationController
  def create
    @certificate = Certificate.new(certificate_params)
    key = OpenSSL::PKey::RSA.new 4096
    name = OpenSSL::X509::Name.parse 'CN=lex-deeit/DC=weird-web-workers/DC=org'
    cert = OpenSSL::X509::Certificate.new
    cert.version = 2
    cert.serial = 0
    cert.not_before = Time.now
    cert.not_after = Time.now + 3600
    cert.public_key = key.public_key
    cert.subject = name
    cert.sign key, OpenSSL::Digest::SHA256.new
    @certificate.key = key.to_pem
    @certificate.cert = cert.to_pem
    respond_to do |format|
      if @certificate.save
        format.html { redirect_to @certificate, notice: 'Certificate was successfully created.' }
@ -72,3 +90,5 @@ class CertificatesController < ApplicationController
      params.require(:certificate).permit(:key, :cert, :active)
    end
 end
 # vim: set et ts=2 sw=2:
--- a/app/models/certificate.rb
+++ b/app/models/certificate.rb
@ -1,2 +1,21 @@
 require "openssl"
 require 'digest/md5'
 class Certificate < ActiveRecord::Base
  def key
    OpenSSL::PKey::RSA.new read_attribute(:key) if read_attribute(:key)
  end
  def cert
    OpenSSL::X509::Certificate.new read_attribute(:cert) if read_attribute(:cert)
  end
  def key_fpr
    Digest::SHA1.hexdigest(key.to_der).upcase
  end
  def cert_fpr
    Digest::SHA1.hexdigest(cert.to_der).upcase
  end
 end
 # vim: set et ts=2 sw=2:
--- a/app/views/certificates/index.html.erb
+++ b/app/views/certificates/index.html.erb
@ -15,8 +15,8 @@
  <tbody>
    <% @certificates.each do |certificate| %>
      <tr>
        <td><%= certificate.key %></td>
        <td><%= certificate.cert %></td>
        <td><%= certificate.key_fpr.scan(/../).join(':') %></td>
        <td><%= certificate.cert_fpr.scan(/../).join(':') %></td>
        <td><%= certificate.active %></td>
        <td><%= link_to 'Show', certificate %></td>
        <td><%= link_to 'Edit', edit_certificate_path(certificate) %></td>