Forum: Ruby OpenSSL verify certificate from own CA

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Bruno A. (Guest)
on 2009-03-31 17:50
Hello all and thanks for your time reading this.

I need to verify certificates issued by my own CA, for which I have a
certificate. How can I do the equivalent to openssl's

 openssl verify -CAfile <cafile.pem> <certificate-to-verify.pem>

in Ruby code? The RDoc for OpenSSL is not very helpful in this regard.
I've tried:

[code]
require 'openssl'

ca = OpenSSL::X509::Certificate.new(File.read('ca-cert.pem'))

lic = OpenSSL::X509::Certificate.new(File.read('cert.pem'))

puts lic.verify( ca )
[/code]

but I get:

test.rb:7:in `verify': wrong argument (OpenSSL::X509::Certificate)!
(Expected kind of OpenSSL::PKey::PKey) (TypeError)
  from test.rb:7

I can't even find "verify" in the OpenSSL Rdoc at
http://www.ruby-doc.org/stdlib/libdoc/openssl/rdoc....

Any help is appreciated. Thanks again!
This topic is locked and can not be replied to.