type=class
superclass=Object
included=
extended=
library=openssl

[[c:OpenSSL::X509::Extension]] ؤ뤿
饹Ǥ



  # ca_cert: CA ξ񥪥֥
  # req: CSR ֥
  # newcert: Υ֥
  ca_cert = OpenSSL::X509::Certificate.new(File.read('ca_cert.pem'))
  req = OpenSSL::X509::Request.new(File.read('req.pem'))
  newcert = OpenSSL::X509::Certificate.new
  #  ExtensionFactory ֥Ȥ CA ξ񥪥֥
  # 
  factory = OpenSSL::X509::ExtensionFactory.new(ca_cert)
  # CSR ֥Ȥ
  factory.subject_request = req
  # basicConstraints ĥΰ
  p factory.create_extension("basicConstraints", "CA:FALSE")
  # => basicConstraints = CA:FALSE

  # subjectKeyIdentifier ĥΰ
  # ͤ CSR ֥Ȥθ
  p factory.create_extension("subjectKeyIdentifier", "hash")
  # => subjectKeyIdentifier = 99:E7:A1:.....
  
  # authorityKeyIdentifier ĥΰ
  # ͤ CA ξ񥪥֥Ȥ
  p factory.create_extension("authorityKeyIdentifier", "keyid,issuer:always")
  # => authorityKeyIdentifier = keyid:D1:AB:87:....
  
  # ĥΰ襪֥Ȥγĥΰɲ
  newcert.add_extension(factory.create_extension("basicConstraints", "CA:FALSE"))
