These changes have been a *long* time coming. Extensions finally support object equality. Extensions will parse correctly from (highly limited) sample size so will likely need to be extended. Unfortunately, due to asymmetric set vs parse in OpenSSL you can't parse a cert with an extension you want and copy it to a new cert. Conveniences around creating subjectAltNames for CSRs.
* Use https:// for rubygems.org gem source * Add activesupport gem for useful helper functions * Cap not_before and not_after to the hour * Use UTC for not_before and not_after * Add support for setting the criticality of extensions * Add support for producing a CSR based from an extension * Add support for importing data from X.509 certificate * Instead of having to list each extension manually, use ObjectSpace magic to dynamically find them * Add support for parsing extension information from existing certificates * Add new serialNumber option to the distinguished name * Convert openssl_identifier method to use a constant * Correct documentation for AuthorityKeyIdentifier * Add support for caIssuers in AuthorityInfoAccess extension * Remove clientAuth from default extendedKeyUsage extension usage * Add support for deprecated nsComment and nsCertType extensions * Initialize the serial_number to be a random number (2^128) * Add support for parsing extension information from existing CSRs * Require a private key before trying to produce a valid CSR * Add/update some tests TODO: Tests for all my changes
Additional tests around OCSP. Configurable next_update time on OCSP responses.
Code is being migrated to OCSPResponseBuilder and OCSPRequestReader. API is backward compatible with 1.x
CRLs can now be generated from both Certificates and SerialNumbers. This is mostly for convenience if you don't want to keep the entire certificate around or want a lighter-weight way of doing it. There's also a new Revocable module to organize revocation-centric attributes. Additionally, the tests have been shorn up and the testing modulus reduced to 768 to speed things up.