Hi im going to have to create a lot of public and private keys for
clients and would like to automate the process by using a script (in
ruby of course).
This is for an openvpn setup and currently ive been MANUALY creating
keys with the easy-rsa bat file that comes with it but id like to
automate it.
Is there a ruby libary available that would allow me to create public
and private keys if i already have a CA. Would openvpn recognize these
keys (are keys, keys no matter what language they are created in??? im
not hot on cryptology)
The other option would be to just execute the bat file from my ruby
script and simulate the keyboard to respond to the various prompts. I
havent doent this before so im not sure if this is easier or harder than
above. Any tips or pointers will really help!
keys (are keys, keys no matter what language they are created in??? im
not hot on cryptology)
The other option would be to just execute the bat file from my ruby
script and simulate the keyboard to respond to the various prompts. I
havent doent this before so im not sure if this is easier or harder than
above. Any tips or pointers will really help!
I haven’t done this myself.
But the common Swiss army knife for this is OpenSSL.
The alternative is to use drive the openssl command line, that may be
easier as there are plenty of examples for generating keys using
OpenSSL. The nascent http://rubyforge.org/projects/simplessl/ used the
openssl command line & might be a good starting point.
The alternative is to use drive the openssl command line, that may be easier as there are plenty of examples for generating keys using OpenSSL. The nascent http://rubyforge.org/projects/simplessl/ used the openssl command line & might be a good starting point.
Other here may well know better, of course
Ruby::OpenSSL is not the friendliest of libraries due to a lack of
detailed documentation but you can find some coverage by Romek (the
author of SSL PlayPen) and myself in the “Semantic DNS” presentation
available at the link in my signature. That’s mostly to do with ad hoc
key generation in a hybrid crypto system but there may be something
there that could be useful for a CA scenario.
Hi im going to have to create a lot of public and private keys for
clients and would like to automate the process by using a script (in
ruby of course).
I haven’t done this myself.
But the common Swiss army knife for this is OpenSSL.
Ruby::OpenSSL is not the friendliest of libraries due to a lack of
detailed documentation but you can find some coverage by Romek (the
author of SSL PlayPen) and myself in the “Semantic DNS” presentation
available at the link in my signature. That’s mostly to do with ad hoc
key generation in a hybrid crypto system but there may be something
there that could be useful for a CA scenario.
Ah, what a small world.
I enjoyed your flashtalk at the BCS earlier this year on Ruby & Unix
file handles. I guess it was a part of your current “The Ruby Guide to
*nix Plumbing”, I’ll have to have a look at the rest of your slides.
For myself I will have a look through the earlier Semantic web ones too.
But the common Swiss army knife for this is OpenSSL.
Ruby provides Ruby::OpenSSL. Apparently that library isn’t the easiest
to use, buthttp://rubyforge.org/projects/sslplaypen/has examples which
may help.
Ruby::OpenSSL is not the friendliest of libraries due to a lack of detailed documentation but you can find some coverage by Romek (the author of SSL PlayPen) and myself in the “Semantic DNS” presentation available at the link in my signature. That’s mostly to do with ad hoc key generation in a hybrid crypto system but there may be something there that could be useful for a CA scenario.
Ah, what a small world.
I enjoyed your flashtalk at the BCS earlier this year on Ruby & Unix file handles. I guess it was a part of your current “The Ruby Guide to *nix Plumbing”, I’ll have to have a look at the rest of your slides.
It was the five-minute distillation of the usual 45-minute talk.
Apparently standing on stage and saying “malloc” a lot is the bit people
like most. DL::malloc still makes me smile whenever I use it lol
London could do with a few more multi-language meetups like that.
For myself I will have a look through the earlier Semantic web ones too.
Just to reiterate so there’s no confusion, it’s a Semantic DNS
presentation: i.e. it discusses some of the basics of how to use the DNS
tree as an application platform backed by coverage of crypto and network
programming in Ruby. There’s some blue sky research it’s based on that
we keep meaning to write up properly but Romek and I are lousy at that
sort of thing