Permalink
Browse files

Adding missing signing_key to gemspec

per http://developer.zendesk.com/blog/2013/02/03/signing-gems/
    and https://github.com/sferik/twitter/blob/master/twitter.gemspec

1. Create self-signed cert

 cd ~/.ssh
 gem cert --build your@email.com
 chmod 600 gem-p*

2. Configure gem cert (I'm calling mine bf4)

 mkdir certs
 cp ~/.ssh/gem-public_cert.pem certs/bf4.pem
 - commit the pem
 - Add to gemspec
 s.cert_chain  = ['certs/bf4.pem']
 s.signing_key = File.expand_path("~/.ssh/gem-private_key.pem") if $0 =~ /gem\z/

3. Add your own cert, just like anyone else

 gem cert --add certs/bf4.pem

4. Build gem and test that you can install it

 gem build metric_fu.gemspec
 gem install metric_fu-4.5.1.gem -P HighSecurity
  • Loading branch information...
bf4 committed Nov 7, 2013
1 parent 40e69f5 commit ed2f96d8ce514ea0c647736d67f6ec3e863d0bb1
Showing with 1 addition and 0 deletions.
  1. +1 −0 metric_fu.gemspec
@@ -13,6 +13,7 @@ Gem::Specification.new do |s|
# used with gem i metric_fu -P HighSecurity
s.cert_chain = ['certs/bf4.pem']
s.signing_key = File.expand_path("~/.ssh/gem-private_key.pem") if $0 =~ /gem\z/
s.rubyforge_project = 'metric_fu'
s.license = 'MIT'

0 comments on commit ed2f96d

Please sign in to comment.