mirror of
https://github.com/lostisland/faraday.git
synced 2025-10-04 00:02:03 -04:00
49 lines
1.5 KiB
Ruby
Executable File
49 lines
1.5 KiB
Ruby
Executable File
#!/usr/bin/env ruby
|
|
|
|
# frozen_string_literal: true
|
|
|
|
# Usage: generate_certs [options]
|
|
# options:
|
|
# -s Display shell exports that link env variables to filenames
|
|
# Generate test certs for testing Faraday with SSL
|
|
|
|
require 'openssl'
|
|
require 'fileutils'
|
|
|
|
# Adapted from WEBrick::Utils. Skips cert extensions so it
|
|
# can be used as a CA bundle
|
|
def create_self_signed_cert(bits, cname, _comment)
|
|
rsa = OpenSSL::PKey::RSA.new(bits)
|
|
cert = OpenSSL::X509::Certificate.new
|
|
cert.version = 2
|
|
cert.serial = 1
|
|
name = OpenSSL::X509::Name.new(cname)
|
|
cert.subject = name
|
|
cert.issuer = name
|
|
cert.not_before = Time.now
|
|
cert.not_after = Time.now + (365 * 24 * 60 * 60)
|
|
cert.public_key = rsa.public_key
|
|
cert.sign(rsa, OpenSSL::Digest.new('SHA1'))
|
|
[cert, rsa]
|
|
end
|
|
|
|
def write(file, contents, env_var)
|
|
FileUtils.mkdir_p(File.dirname(file))
|
|
File.open(file, 'w') { |f| f.puts(contents) }
|
|
puts %(export #{env_var}="#{file}") if ARGV.include? '-s'
|
|
end
|
|
|
|
# One cert / CA for ease of testing when ignoring verification
|
|
cert, key = create_self_signed_cert(1024, [%w[CN localhost]],
|
|
'Faraday Test CA')
|
|
|
|
write 'tmp/faraday-cert.key', key, 'SSL_KEY'
|
|
write 'tmp/faraday-cert.crt', cert, 'SSL_FILE'
|
|
|
|
# And a second CA to prove that verification can fail
|
|
cert, key = create_self_signed_cert(1024, [%w[CN real-ca.com]],
|
|
'A different CA')
|
|
|
|
write 'tmp/faraday-different-ca-cert.key', key, 'SSL_KEY_ALT'
|
|
write 'tmp/faraday-different-ca-cert.crt', cert, 'SSL_FILE_ALT'
|