Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
branch: master
Commits on Jan 13, 2014
  1. Merge pull request #35 from pmenglund/coveralls

    authored
    add coveralls
  2. Merge pull request #34 from pmenglund/subject_alt_name

    authored
    Subject alt name
Commits on Jan 11, 2014
  1. @pmenglund

    add coveralls

    pmenglund authored
Commits on Jan 10, 2014
  1. @pmenglund
  2. @pmenglund
  3. @pmenglund
  4. @pmenglund

    add travis config file

    pmenglund authored
  5. Extensions cleanup and support for subjectAltNames on SigningRequest.

    Chris Chandler authored
    These changes have been a *long* time coming.
    
    Extensions finally support object equality.
    
    Extensions will parse correctly from (highly limited) sample size
    so will likely need to be extended. Unfortunately, due to asymmetric
    set vs parse in OpenSSL you can't parse a cert with an extension you
    want and copy it to a new cert.
    
    Conveniences around creating subjectAltNames for CSRs.
  6. Merge branch 'subject_alt_name' of https://github.com/pmenglund/certi…

    Chris Chandler authored
    …ficate_authority into integration
    
    Conflicts:
    	lib/certificate_authority/extensions.rb
    	spec/units/extensions_spec.rb
Commits on Jan 9, 2014
  1. Merge branch 'fixes' of https://github.com/pmenglund/certificate_auth…

    Chris Chandler authored
    …ority into integration
    
    Conflicts:
    	lib/certificate_authority/certificate.rb
Commits on Dec 29, 2013
  1. @pmenglund

    add email to subjectAltName

    pmenglund authored
Commits on Oct 1, 2013
  1. @pmenglund

    simplify load_extensions

    pmenglund authored
  2. @pmenglund
  3. @pmenglund
  4. @pmenglund

    use https for rubygems

    pmenglund authored
Commits on Jun 5, 2013
  1. Lots of random improvements to the certificate_authority gem

    Reed Loden authored
    * Use https:// for rubygems.org gem source
    * Add activesupport gem for useful helper functions
    * Cap not_before and not_after to the hour
    * Use UTC for not_before and not_after
    * Add support for setting the criticality of extensions
    * Add support for producing a CSR based from an extension
    * Add support for importing data from X.509 certificate
    * Instead of having to list each extension manually, use ObjectSpace magic to dynamically find them
    * Add support for parsing extension information from existing certificates
    * Add new serialNumber option to the distinguished name
    * Convert openssl_identifier method to use a constant
    * Correct documentation for AuthorityKeyIdentifier
    * Add support for caIssuers in AuthorityInfoAccess extension
    * Remove clientAuth from default extendedKeyUsage extension usage
    * Add support for deprecated nsComment and nsCertType extensions
    * Initialize the serial_number to be a random number (2^128)
    * Add support for parsing extension information from existing CSRs
    * Require a private key before trying to produce a valid CSR
    * Add/update some tests
    
    TODO: Tests for all my changes
Commits on Jan 30, 2013
  1. Merge pull request #24 from jof/document_extensions

    authored
    Lightly document X.509v3 extensions. Link out to relevant RFC sections.
  2. Merge branch 'key_material_dedupe' of git://github.com/jof/certificat…

    Chris Chandler authored
    …e_authority
Commits on Nov 16, 2012
  1. @elijh
Commits on Nov 4, 2012
  1. @jof
  2. @jof
Commits on Sep 20, 2012
  1. Fixed a truly impressive typo. Thanks @preichen

    Chris Chandler authored
Commits on Sep 16, 2012
  1. Gemspec/Rakefile cleaning

    authored
  2. Version bump to 0.2.0

    authored
  3. Cleans up readme for OCSP

    authored
  4. Verification callback now supports multireturn for reason codes

    authored
    Additional tests around OCSP.
    
    Configurable next_update time on OCSP responses.
  5. Overhauling OCSP code. OCSPHandler is now deprecated.

    authored
    Code is being migrated to OCSPResponseBuilder and OCSPRequestReader.
    
    API is backward compatible with 1.x
  6. Better CRL support

    authored
    CRLs can now be generated from both Certificates and SerialNumbers.
    This is mostly for convenience if you don't want to keep the entire
    certificate around or want a lighter-weight way of doing it.
    
    There's also a new Revocable module to organize revocation-centric
    attributes.
    
    Additionally, the tests have been shorn up and the testing modulus
    reduced to 768 to speed things up.
Commits on Sep 14, 2012
  1. Adds a WrappedDistinguishedName to preserve unknown OIDs

    Chris Chandler authored
  2. WIP broken dns for 3rd party certs

    Eric Monti authored
  3. fix o= and emailAddress= in dn

    Eric Monti authored
  4. order _really_matters_

    Eric Monti authored
Something went wrong with that request. Please try again.