Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Ruby > creating certificates and public and private keys

Reply
Thread Tools

creating certificates and public and private keys

 
 
Adam Akhtar
Guest
Posts: n/a
 
      11-26-2009
Hi im going to have to create a lot of public and private keys for
clients and would like to automate the process by using a script (in
ruby of course).

This is for an openvpn setup and currently ive been MANUALY creating
keys with the easy-rsa bat file that comes with it but id like to
automate it.

Is there a ruby libary available that would allow me to create public
and private keys if i already have a CA. Would openvpn recognize these
keys (are keys, keys no matter what language they are created in??? im
not hot on cryptology)

The other option would be to just execute the bat file from my ruby
script and simulate the keyboard to respond to the various prompts. I
havent doent this before so im not sure if this is easier or harder than
above. Any tips or pointers will really help!
--
Posted via http://www.ruby-forum.com/.

 
Reply With Quote
 
 
 
 
Dave English
Guest
Posts: n/a
 
      11-27-2009
In message <(E-Mail Removed)>, Adam
Akhtar <(E-Mail Removed)> writes
>Hi im going to have to create a lot of public and private keys for
>clients and would like to automate the process by using a script (in
>ruby of course).
>
>This is for an openvpn setup and currently ive been MANUALY creating
>keys with the easy-rsa bat file that comes with it but id like to
>automate it.
>
>Is there a ruby libary available that would allow me to create public
>and private keys if i already have a CA. Would openvpn recognize these
>keys (are keys, keys no matter what language they are created in??? im
>not hot on cryptology)
>
>The other option would be to just execute the bat file from my ruby
>script and simulate the keyboard to respond to the various prompts. I
>havent doent this before so im not sure if this is easier or harder than
>above. Any tips or pointers will really help!


I haven't done this myself.

But the common Swiss army knife for this is OpenSSL.

Ruby provides Ruby::OpenSSL. Apparently that library isn't the easiest
to use, but http://rubyforge.org/projects/sslplaypen/ has examples which
may help.

The alternative is to use drive the openssl command line, that may be
easier as there are plenty of examples for generating keys using
OpenSSL. The nascent http://rubyforge.org/projects/simplessl/ used the
openssl command line & might be a good starting point.

Other here may well know better, of course
--
Dave English - http://www.velocityreviews.com/forums/(E-Mail Removed)

 
Reply With Quote
 
 
 
 
Eleanor McHugh
Guest
Posts: n/a
 
      11-27-2009
On 27 Nov 2009, at 11:01, Dave English wrote:
> In message <(E-Mail Removed)>, Adam =

Akhtar <(E-Mail Removed)> writes
>> Hi im going to have to create a lot of public and private keys for
>> clients and would like to automate the process by using a script (in
>> ruby of course).
>>=20
>> This is for an openvpn setup and currently ive been MANUALY creating
>> keys with the easy-rsa bat file that comes with it but id like to
>> automate it.
>>=20
>> Is there a ruby libary available that would allow me to create public
>> and private keys if i already have a CA. Would openvpn recognize =

these
>> keys (are keys, keys no matter what language they are created in??? =

im
>> not hot on cryptology)
>>=20
>> The other option would be to just execute the bat file from my ruby
>> script and simulate the keyboard to respond to the various prompts. I
>> havent doent this before so im not sure if this is easier or harder =

than
>> above. Any tips or pointers will really help!

>=20
> I haven't done this myself.
>=20
> But the common Swiss army knife for this is OpenSSL.
>=20
> Ruby provides Ruby::OpenSSL. Apparently that library isn't the =

easiest to use, but http://rubyforge.org/projects/sslplaypen/ has =
examples which may help.
>=20
> The alternative is to use drive the openssl command line, that may be =

easier as there are plenty of examples for generating keys using =
OpenSSL. The nascent http://rubyforge.org/projects/simplessl/ used the =
openssl command line & might be a good starting point.
>=20
> Other here may well know better, of course



Ruby::OpenSSL is not the friendliest of libraries due to a lack of =
detailed documentation but you can find some coverage by Romek (the =
author of SSL PlayPen) and myself in the "Semantic DNS" presentation =
available at the link in my signature. That's mostly to do with ad hoc =
key generation in a hybrid crypto system but there may be something =
there that could be useful for a CA scenario.


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
----
raise ArgumentError unless @reality.responds_to? :reason


 
Reply With Quote
 
Dave English
Guest
Posts: n/a
 
      11-27-2009
In message <(E-Mail Removed)>,
Eleanor McHugh <(E-Mail Removed)> writes
>On 27 Nov 2009, at 11:01, Dave English wrote:
>> In message <(E-Mail Removed)>, Adam
>>Akhtar <(E-Mail Removed)> writes
>>> Hi im going to have to create a lot of public and private keys for
>>> clients and would like to automate the process by using a script (in
>>> ruby of course).


>> I haven't done this myself.
>>
>> But the common Swiss army knife for this is OpenSSL.
>>
>> Ruby provides Ruby::OpenSSL. Apparently that library isn't the
>>easiest to use, but http://rubyforge.org/projects/sslplaypen/ has
>>examples which may help.


>> Other here may well know better, of course

>
>
>Ruby::OpenSSL is not the friendliest of libraries due to a lack of
>detailed documentation but you can find some coverage by Romek (the
>author of SSL PlayPen) and myself in the "Semantic DNS" presentation
>available at the link in my signature. That's mostly to do with ad hoc
>key generation in a hybrid crypto system but there may be something
>there that could be useful for a CA scenario.


Ah, what a small world.

I enjoyed your flashtalk at the BCS earlier this year on Ruby & Unix
file handles. I guess it was a part of your current "The Ruby Guide to
*nix Plumbing", I'll have to have a look at the rest of your slides.

For myself I will have a look through the earlier Semantic web ones too.

Regards
--
Dave English - (E-Mail Removed)

 
Reply With Quote
 
yermej
Guest
Posts: n/a
 
      11-27-2009
On Nov 27, 5:01*am, Dave English <(E-Mail Removed)> wrote:

> But the common Swiss army knife for this is OpenSSL.
>
> Ruby provides Ruby::OpenSSL. *Apparently that library isn't the easiest
> to use, buthttp://rubyforge.org/projects/sslplaypen/has examples which
> may help.


There are also some example uses of Ruby's OpenSSL library in the Ruby
source tarball:
http://svn.ruby-lang.org/cgi-bin/vie...ample/openssl/
 
Reply With Quote
 
Eleanor McHugh
Guest
Posts: n/a
 
      11-28-2009
On 27 Nov 2009, at 13:12, Dave English wrote:
> In message =

<(E-Mail Removed)>, Eleanor =
McHugh <(E-Mail Removed)> writes
>> Ruby::OpenSSL is not the friendliest of libraries due to a lack of =

detailed documentation but you can find some coverage by Romek (the =
author of SSL PlayPen) and myself in the "Semantic DNS" presentation =
available at the link in my signature. That's mostly to do with ad hoc =
key generation in a hybrid crypto system but there may be something =
there that could be useful for a CA scenario.
>=20
> Ah, what a small world.
>=20
> I enjoyed your flashtalk at the BCS earlier this year on Ruby & Unix =

file handles. I guess it was a part of your current "The Ruby Guide to =
*nix Plumbing", I'll have to have a look at the rest of your slides.

It was the five-minute distillation of the usual 45-minute talk. =
Apparently standing on stage and saying "malloc" a lot is the bit people =
like most. DL::malloc still makes me smile whenever I use it lol

London could do with a few more multi-language meetups like that.

> For myself I will have a look through the earlier Semantic web ones =

too.

Just to reiterate so there's no confusion, it's a Semantic DNS =
presentation: i.e. it discusses some of the basics of how to use the DNS =
tree as an application platform backed by coverage of crypto and network =
programming in Ruby. There's some blue sky research it's based on that =
we keep meaning to write up properly but Romek and I are lousy at that =
sort of thing


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
http://www.linkedin.com/in/eleanormchugh


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola MCSE 4 11-15-2006 02:40 AM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola Microsoft Certification 3 11-14-2006 05:18 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola MCSD 3 11-14-2006 05:18 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd realexxams@yahoo.com Microsoft Certification 0 05-10-2006 02:35 PM
microsoft.public.dotnet.faqs,microsoft.public.dotnet.framework,microsoft.public.dotnet.framework.windowsforms,microsoft.public.dotnet.general,microsoft.public.dotnet.languages.vb Charles A. Lackman ASP .Net 1 12-08-2004 07:08 PM



Advertisments