chef-vault-pki 0.1.0
- checksums.yaml +15 -0
- data/bin/chef-vault-pki +72 -0
- metadata +45 -0
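--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+metadata.gz: !binary |-
+YTNjZmU0Mzc0ZWZhYjdkNTgwMjlhODNhYjlkOTc5M2JjYWY0ZmY0MA==
+data.tar.gz: !binary |-
+ZWUwODczNDcxNzgyYzg5MjM5ZjlkOWVkNjExZjRmYzVjMzY3ZGUxZg==
+SHA512:
+metadata.gz: !binary |-
+ODA5NTVmYTgyOWRkZGRiNWQxZDhhNzRiYWNhOGM0YjZlMzE3YzczNTc3MDk0
+ZTc3YTI1ZDViZTIyNTM5NzQwYzY2MjNjYzhhMzNiMTRhNTkxMWM2OTk2NTg5
+MTMxNmM5ZGU5OGRkM2UxMGI5YjQ3OTNlZTM4NTliYTg1NGFhNjc=
+data.tar.gz: !binary |-
+NjI4OWQ2OTJiNzllYzI2NzJhZDhkMGJjZmMyZWY4OGMwYTQ5MzcwN2IwZTU4
+NDI4YjkwZGYxNzRiNmEwY2Y2ZjExNmNmZmQ1YjA4YjBhY2U5MjVlYWZiNWQx
+YzRjYWE0MDdmNzlmNzhlMjJjMWNkMWMzNjY2ZTk3ZDc5ZTUwN2E=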
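--- a/data/bin/chef-vault-pki
+++ b/data/bin/chef-vault-pki
@@ -0,0 +1,72 @@
+#!/usr/bin/env ruby
+
+require 'openssl'
+require 'base64'
+require 'optparse'
+
+version = '0.1.0'
+options = {
+:name => "chef_vault_pki_ca",
+:expire => 3655,
+:output => 'json'
+}
+
+OptionParser.new do |opts|
+opts.banner = "Usage chef-vault-pki [options]"
+
+opts.on("-n", "--name NAME", "NAME for SSL certificate. Defaults to #{options[:name]}") do |n|
+options[:name] = n
+end
+
+opts.on("-e", "--expires DAYS", "Certificate expires in DAYS days. Defaults to #{options[:expire]}") do |e|
+options[:expire] = e
+end
+
+opts.on("-o", "--output FORMAT", "Output format (json,text). Defaults to #{options[:output]}") do |o|
+options[:output] = o
+end
+
+opts.on("-h", "--help", "Show this message") do
+puts opts
+exit
+end
+
+opts.on("-v", "--version", "Show version") do
+puts "Version #{version}"
+exit
+end
+
+end.parse!
+
+key = OpenSSL::PKey::RSA.new 2048
+
+name = OpenSSL::X509::Name.parse "CN=#{options[:name]}"
+
+expires = Time.now + (options[:expire] * 3600 * 24)
+
+cert = OpenSSL::X509::Certificate.new
+cert.version = 3
+cert.serial = 0
+cert.not_before = Time.now
+cert.not_after = expires
+cert.public_key = key.public_key
+cert.subject = name
+cert.issuer = name
+#cert.sign key, OpenSSL::Digest::SHA1.new
+extension_factory = OpenSSL::X509::ExtensionFactory.new
+extension_factory.subject_certificate = cert
+extension_factory.issuer_certificate = cert
+extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+extension_factory.create_extension 'basicConstraints', 'CA:TRUE', true
+extension_factory.create_extension 'keyUsage', 'cRLSign,keyCertSign', true
+cert.sign key, OpenSSL::Digest::SHA1.new
+
+case options[:output].downcase
+when 'json'
+require 'json'
+puts ({ :cert => cert.to_pem, :key => key.to_pem }.to_json)
+else
+puts cert.to_pem
+puts key.to_pem
+end
+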
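Review bot: The three `create_extension` calls (new lines 59-61) discard their return values, so the signed certificate carries no `basicConstraints CA:TRUE`, `keyUsage` or `subjectKeyIdentifier`; each result has to be passed to `cert.add_extension` before `cert.sign`, otherwise verifiers that enforce basic constraints may refuse to treat it as a CA. Separately, `-e` stores its argument as a String, so `options[:expire] * 3600 * 24` repeats the string and `Time.now + ...` raises TypeError whenever the option is given; declaring the option with `Integer` fixes that. Two smaller points on the certificate block: the version field is zero-based, so `cert.version = 3` encodes a version beyond X.509v3 (v3 is `2`), and the signature uses SHA-1, which current TLS stacks commonly reject and for which SHA-256 is a drop-in replacement. The script also prints the CA private key unencrypted to stdout, so the usage banner should tell operators to redirect output into a file with restrictive permissions.

```ruby
# … unchanged: requires, defaults, -n option …
  opts.on("-e", "--expires DAYS", Integer, "Certificate expires in DAYS days. Defaults to #{options[:expire]}") do |e|
    options[:expire] = e
  end
# … unchanged: remaining options, key generation, subject name, expiry …
cert = OpenSSL::X509::Certificate.new
cert.version = 2 # zero-based: 2 == X.509v3
# … unchanged: serial, validity, public key, subject/issuer, extension factory setup …
cert.add_extension extension_factory.create_extension('subjectKeyIdentifier', 'hash')
cert.add_extension extension_factory.create_extension('basicConstraints', 'CA:TRUE', true)
cert.add_extension extension_factory.create_extension('keyUsage', 'cRLSign,keyCertSign', true)
cert.sign key, OpenSSL::Digest::SHA256.new
# … unchanged: output formatting …
```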
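--- a/metadata
+++ b/metadata
@@ -0,0 +1,45 @@
+--- !ruby/object:Gem::Specification
+name: chef-vault-pki
+version: !ruby/object:Gem::Version
+version: 0.1.0
+platform: ruby
+authors:
+- Fraser Scott
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-02-21 00:00:00.000000000 Z
+dependencies: []
+description: Generate a CA for chef_vault_pki cookbook
+email: fraser.scott@gmail.com
+executables:
+- chef-vault-pki
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/chef-vault-pki
+homepage: https://github.com/zeroXten/chef-vault-pki
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.2.1
+signing_key:
+specification_version: 4
+summary: Generate a CA for chef_vault_pki cookbook
+test_files: []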