quick_cert 2.0

data/.document

@@ -0,0 +1,3 @@
+README.txt
+History.txt
+lib

data/History.txt

@@ -0,0 +1,11 @@
+=== 2.0 / 2009-04-16
+
+* 2 minor enhancements:
+  * Released as a gem
+  * Reorganized for Hoe
+
+* 3 discoveries:
+  * CVS is odd after not using it for so long
+  * My ruby style hasn't changed much in the past five years
+  * I still don't know how OpenSSL works
+

data/Manifest.txt

@@ -0,0 +1,13 @@
+.document
+History.txt
+Manifest.txt
+README.txt
+Rakefile
+bin/quick_cert
+lib/.document
+lib/quick_cert.rb
+lib/quick_cert/defaults.rb
+sample/DRb_README.txt
+sample/drbssl_c.rb
+sample/drbssl_s.rb
+sample/qc_config

data/README.txt

@@ -0,0 +1,28 @@
+= quick_cert
+
+* http://seattlerb.rubyforge.org/quick_cert
+* http://rubyforge.org/projects/seattlerb
+
+== DESCRIPTION
+
+quick_cert allows you to quickly and easily create SSL certificates.  It uses
+a simple configuration file to generate self-signed client and server
+certificates.
+
+== FEATURES/PROBLEMS
+
+* I'm still not sure how it works nearly five years later
+* My Ruby style from five years ago is largely unchanged
+
+== SYNOPSIS
+
+See QuickCert in the RDoc.
+
+== REQUIREMENTS
+
+* OpenSSL
+
+== INSTALL
+
+* sudo gem install quick_cert
+

data/Rakefile

@@ -0,0 +1,10 @@
+require 'rubygems'
+require 'hoe'
+$: << 'lib'
+require 'quick_cert'
+
+Hoe.new 'quick_cert', QuickCert::VERSION do |qc|
+  qc.rubyforge_name = 'seattlerb'
+  qc.developer 'Eric Hodel', 'drbrain@segment7.net'
+end
+

data/bin/quick_cert

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby -w
+
+require 'quick_cert'
+
+# get configuration
+CA = {}
+CERTS = []
+load ARGV.shift || 'qc_config'
+require 'quick_cert/defaults'
+
+qc = QuickCert.new CA, $DEBUG
+
+CERTS.each do |cert_config|
+  qc.create_cert cert_config
+end
+

data/lib/.document

@@ -0,0 +1 @@
+quick_cert.rb

data/lib/quick_cert.rb

@@ -0,0 +1,332 @@
+require 'openssl'
+
+##
+# :main: README.txt
+#
+# QuickCert allows you to quickly and easily create SSL certificates.  It uses
+# a simple configuration file to generate self-signed client and server
+# certificates.
+#
+# QuickCert is a compilation of NAKAMURA Hiroshi's post
+# {[ruby-talk:89917]}[http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/89917]
+#
+# the example scripts referenced in the above post, and gen_csr.rb from Ruby's
+# OpenSSL examples.
+#
+# A simple QuickCert configuration file looks like:
+#
+#   full_hostname = `hostname`.strip
+#   domainname = full_hostname.split('.')[1..-1].join('.')
+#   hostname = full_hostname.split('.')[0]
+#
+#   CA[:hostname] = hostname
+#   CA[:domainname] = domainname
+#   CA[:CA_dir] = File.join Dir.pwd, "CA"
+#   CA[:password] = '1234'
+#   
+#   CERTS << {
+#     :type => 'server',
+#     :hostname => 'uriel',
+#     :password => '5678',
+#   }
+#   
+#   CERTS << {
+#     :type => 'client',
+#     :user => 'drbrain',
+#     :email => 'drbrain@segment7.net',
+#   }
+#
+# This configuration will create a Certificate Authority in a 'CA' directory
+# in the current directory, a server certificate with password '5678' for the
+# server 'uriel' in a directory named 'uriel', and a client certificate for
+# drbrain in the directory 'drbrain' with no password.
+#
+# There are additional SSL knobs you can tweak in the qc_defaults.rb file.
+# (See `gem which quick_cert/defaults`).
+#
+# To generate the certificates, simply create a qc_config file where you want
+# the certificate directories to be created, then run QuickCert.
+
+class QuickCert
+
+  ##
+  # QuickCert Version
+
+  VERSION = "2.0"
+
+  ##
+  # Creates a new QuickCert instance using the Certificate Authority described
+  # in +ca_config+.  If there is no CA at ca_config[:CA_dir], then QuickCert
+  # will initialize a new one.  Prints out debugging info if +debug+ is true.
+
+  def initialize(ca_config, debug = false)
+    @ca_config = ca_config
+    @debug = debug
+
+    create_ca
+  end
+
+  ##
+  # Creates a new certificate from +cert_config+ that is signed
+  # by the CA.
+
+  def create_cert(cert_config)
+    cert_keypair = create_key cert_config
+    cert_csr = create_csr cert_config, cert_keypair
+    sign_cert cert_config, cert_keypair, cert_csr
+  end
+
+  ##
+  # Creates a new Certificate Authority from @ca_config if it
+  # does not already exist at ca_config[:CA_dir].
+
+  def create_ca
+    return if File.exist? @ca_config[:CA_dir]
+
+    Dir.mkdir @ca_config[:CA_dir]
+
+    Dir.mkdir File.join(@ca_config[:CA_dir], 'private'), 0700
+    Dir.mkdir File.join(@ca_config[:CA_dir], 'newcerts')
+    Dir.mkdir File.join(@ca_config[:CA_dir], 'crl')
+
+    open @ca_config[:serial_file], 'w' do |f| f << '1' end
+
+    warn "Generating CA keypair" if @debug
+    keypair = OpenSSL::PKey::RSA.new @ca_config[:ca_rsa_key_length]
+
+    cert = OpenSSL::X509::Certificate.new
+    name = @ca_config[:name].dup << ['CN', 'CA']
+    cert.subject = cert.issuer = OpenSSL::X509::Name.new(name)
+    cert.not_before = Time.now
+    cert.not_after = Time.now + @ca_config[:ca_cert_days] * 24 * 60 * 60
+    cert.public_key = keypair.public_key
+    cert.serial = 0x0
+    cert.version = 2 # X509v3
+
+    ef = OpenSSL::X509::ExtensionFactory.new
+    ef.subject_certificate = cert
+    ef.issuer_certificate = cert
+    cert.extensions = [
+      ef.create_extension("basicConstraints", "CA:TRUE", true),
+      ef.create_extension("nsComment", "Ruby/OpenSSL Generated Certificate"),
+      ef.create_extension("subjectKeyIdentifier", "hash"),
+      ef.create_extension("keyUsage", "cRLSign,keyCertSign", true),
+    ]
+    cert.add_extension ef.create_extension("authorityKeyIdentifier",
+                                           "keyid:always,issuer:always")
+    cert.sign keypair, OpenSSL::Digest::SHA1.new
+
+    keypair_export = keypair.export OpenSSL::Cipher::DES.new(:EDE3, :CBC),
+                                    @ca_config[:password]
+
+    warn "Writing keypair to #{@ca_config[:keypair_file]}" if @debug
+    open @ca_config[:keypair_file], "w", 0400 do |fp|
+      fp << keypair_export
+    end
+
+    warn "Writing cert to #{@ca_config[:cert_file]}" if @debug
+    open @ca_config[:cert_file], "w", 0644 do |f|
+      f << cert.to_pem
+    end
+
+    warn "Done generating certificate for #{cert.subject}" if @debug
+  end
+
+  ##
+  # Creates a new RSA key from +cert_config+.
+
+  def create_key(cert_config)
+    dest = cert_config[:hostname] || cert_config[:user]
+    keypair_file = File.join dest, (dest + "_keypair.pem")
+    Dir.mkdir dest, 0700
+
+    warn "Generating RSA keypair" if @debug
+    keypair = OpenSSL::PKey::RSA.new 1024
+
+    if cert_config[:password].nil? then
+      open keypair_file, "w", 0400 do |f|
+        f << keypair.to_pem
+      end
+    else
+      keypair_export = keypair.export OpenSSL::Cipher::DES.new(:EDE3, :CBC),
+                                      cert_config[:password]
+
+      warn "Writing keypair to #{keypair_file}" if @debug
+      open keypair_file, "w", 0400 do |f|
+        f << keypair_export
+      end
+
+    end
+
+    keypair_file
+  end
+
+  ##
+  # Creates a new Certificate Signing Request for the keypair in
+  # +keypair_file+, generating and saving new keypair if nil.
+
+  def create_csr(cert_config, keypair_file = nil)
+    keypair = nil
+    dest = cert_config[:hostname] || cert_config[:user]
+    csr_file = File.join dest, "csr_#{dest}.pem"
+
+    name = @ca_config[:name].dup
+
+    case cert_config[:type]
+    when 'server' then
+      name << ['OU', 'CA']
+      name << ['CN', cert_config[:hostname]]
+    when 'client' then
+      name << ['CN', cert_config[:user]]
+      name << ['emailAddress', cert_config[:email]]
+    end
+
+    name = OpenSSL::X509::Name.new name
+
+    if File.exist? keypair_file then
+      keypair = OpenSSL::PKey::RSA.new File.read(keypair_file),
+                                       cert_config[:password]
+    else
+      keypair = create_key cert_config
+    end
+
+    warn "Generating CSR for #{name}" if @debug
+
+    req = OpenSSL::X509::Request.new
+    req.version = 0
+    req.subject = name
+    req.public_key = keypair.public_key
+    req.sign keypair, OpenSSL::Digest::MD5.new
+
+    warn "Writing CSR to #{csr_file}" if @debug
+    open csr_file, "w" do |f|
+      f << req.to_pem
+    end
+
+    csr_file
+  end
+
+  ##
+  # Signs the certificate described in +cert_config+ and
+  # +csr_file+, saving it to +cert_file+.
+
+  def sign_cert(cert_config, cert_file, csr_file)
+    csr = OpenSSL::X509::Request.new File.read(csr_file)
+
+    raise "CSR sign verification failed." unless csr.verify csr.public_key
+
+    raise "Key length too short" if
+      csr.public_key.n.num_bits < @ca_config[:cert_key_length_min]
+
+    raise "Key length too long" if
+      csr.public_key.n.num_bits > @ca_config[:cert_key_length_max]
+
+    raise "DN does not match" if
+      csr.subject.to_a[0, @ca_config[:name].size] != @ca_config[:name]
+
+    # Only checks signature here.  You must verify CSR according to your
+    # CP/CPS.
+
+    # CA setup
+
+    warn "Reading CA cert from #{@ca_config[:cert_file]}" if @debug
+    ca = OpenSSL::X509::Certificate.new File.read(@ca_config[:cert_file])
+
+    warn "Reading CA keypair from #{@ca_config[:keypair_file]}" if @debug
+    ca_keypair = OpenSSL::PKey::RSA.new File.read(@ca_config[:keypair_file]),
+                                        @ca_config[:password]
+
+    serial = File.read(@ca_config[:serial_file]).chomp.hex
+    open @ca_config[:serial_file], "w" do |f|
+      f << "%04X" % (serial + 1)
+    end
+
+    warn "Generating cert" if @debug
+
+    cert = OpenSSL::X509::Certificate.new
+    from = Time.now
+    cert.subject = csr.subject
+    cert.issuer = ca.subject
+    cert.not_before = from
+    cert.not_after = from + @ca_config[:cert_days] * 24 * 60 * 60
+    cert.public_key = csr.public_key
+    cert.serial = serial
+    cert.version = 2 # X509v3
+
+    basic_constraint = nil
+    key_usage = []
+    ext_key_usage = []
+
+    case cert_config[:type]
+    when "ca" then
+      basic_constraint = "CA:TRUE"
+      key_usage << "cRLSign" << "keyCertSign"
+    when "terminalsubca" then
+      basic_constraint = "CA:TRUE,pathlen:0"
+      key_usage << "cRLSign" << "keyCertSign"
+    when "server" then
+      basic_constraint = "CA:FALSE"
+      key_usage << "digitalSignature" << "keyEncipherment"
+      ext_key_usage << "serverAuth"
+    when "ocsp" then
+      basic_constraint = "CA:FALSE"
+      key_usage << "nonRepudiation" << "digitalSignature"
+      ext_key_usage << "serverAuth" << "OCSPSigning"
+    when "client" then
+      basic_constraint = "CA:FALSE"
+      key_usage << "nonRepudiation" << "digitalSignature" << "keyEncipherment"
+      ext_key_usage << "clientAuth" << "emailProtection"
+    else
+      raise "unknonw cert type \"#{cert_config[:type]}\""
+    end
+
+    ef = OpenSSL::X509::ExtensionFactory.new
+    ef.subject_certificate = cert
+    ef.issuer_certificate = ca
+    ex = []
+    ex << ef.create_extension("basicConstraints", basic_constraint, true)
+    ex << ef.create_extension("nsComment",
+                              "Ruby/OpenSSL Generated Certificate")
+    ex << ef.create_extension("subjectKeyIdentifier", "hash")
+    #ex << ef.create_extension("nsCertType", "client, email")
+    unless key_usage.empty? then
+      ex << ef.create_extension("keyUsage", key_usage.join(","))
+    end
+    #ex << ef.create_extension("authorityKeyIdentifier",
+    #                          "keyid:always,issuer:always")
+    #ex << ef.create_extension("authorityKeyIdentifier", "keyid:always")
+    unless ext_key_usage.empty? then
+      ex << ef.create_extension("extendedKeyUsage", ext_key_usage.join(","))
+    end
+
+    if @ca_config[:cdp_location] then
+      ex << ef.create_extension("crlDistributionPoints",
+                                @ca_config[:cdp_location])
+    end
+
+    if @ca_config[:ocsp_location] then
+      ex << ef.create_extension("authorityInfoAccess",
+                                "OCSP;" << @ca_config[:ocsp_location])
+    end
+    cert.extensions = ex
+    cert.sign ca_keypair, OpenSSL::Digest::SHA1.new
+
+    backup_cert_file = @ca_config[:new_certs_dir] + "/cert_#{cert.serial}.pem"
+    warn "Writing backup cert to #{backup_cert_file}" if @debug
+    open backup_cert_file, "w", 0644 do |f|
+      f << cert.to_pem
+    end
+
+    # Write cert
+    dest = cert_config[:hostname] || cert_config[:user]
+    cert_file = File.join dest, "cert_#{dest}.pem"
+    warn "Writing cert to #{cert_file}" if @debug
+    open cert_file, "w", 0644 do |f|
+      f << cert.to_pem
+    end
+
+    cert_file
+  end
+
+end
+

data/lib/quick_cert/defaults.rb

@@ -0,0 +1,28 @@
+CA[:CA_dir] ||= Dir.pwd
+
+CA[:keypair_file] ||= File.join CA[:CA_dir], "private/cakeypair.pem"
+CA[:cert_file] ||= File.join CA[:CA_dir], "cacert.pem"
+CA[:serial_file] ||= File.join CA[:CA_dir], "serial"
+CA[:new_certs_dir] ||= File.join CA[:CA_dir], "newcerts"
+CA[:new_keypair_dir] ||= File.join CA[:CA_dir], "private/keypair_backup"
+CA[:crl_dir] ||= File.join CA[:CA_dir], "crl"
+
+CA[:ca_cert_days] ||= 5 * 365 # five years
+CA[:ca_rsa_key_length] ||= 2048
+
+CA[:cert_days] ||= 365 # one year
+CA[:cert_key_length_min] ||= 1024
+CA[:cert_key_length_max] ||= 2048
+
+CA[:crl_file] ||= File.join CA[:crl_dir], "#{CA[:hostname]}.crl"
+CA[:crl_pem_file] ||= File.join CA[:crl_dir], "#{CA[:hostname]}.pem"
+CA[:crl_days] ||= 14
+
+if CA[:name].nil?
+  CA[:name] = [
+    ['C', 'US', OpenSSL::ASN1::PRINTABLESTRING],
+    ['O', CA[:domainname], OpenSSL::ASN1::UTF8STRING],
+    ['OU', CA[:hostname], OpenSSL::ASN1::UTF8STRING],
+  ]
+end
+

data/sample/DRb_README.txt

@@ -0,0 +1,57 @@
+Here's a quick primer on how to get use DRb over SSL with QuickCert.
+
+1. Modify qc_config to suit.  The host I'm writing this on is named 'uriel',
+   and my email address is 'drbrain@segment7.net', so I filled in the proper
+   entries in the server and client certs.
+
+     full_hostname = `hostname`.strip
+     domainname = full_hostname.split('.')[1..-1].join('.')
+     hostname = full_hostname.split('.')[0]
+     
+     CA[:hostname] = hostname
+     CA[:domainname] = domainname
+     CA[:CA_dir] = File.join Dir.pwd, "CA"
+     CA[:password] = '1234'
+     
+     CERTS << {
+       :type => 'server',
+       :hostname => 'uriel',
+       :password => '5678',
+     }
+     
+     CERTS << {
+       :type => 'client',
+       :user => 'drbrain',
+       :email => 'drbrain@segment7.net',
+     }
+
+2. Generate the certificates
+
+     quick_cert
+
+3. Setup the DRb server to use the proper certificates.  They are already
+   setup for 'uriel', so you'll have to edit drbssl_s.rb to match your
+   configuration.
+
+     cd uriel
+     ln -s ../drbssl_s.rb
+     ln -s ../CA/cacert.pem
+     vi drbssl_s.rb
+
+4. Start the DRb server.  You'll need the server certificate's passphrase.
+
+     ruby drbssl_s.rb
+
+5. Setup the DRb client to use the proper certificates.  They are already
+   setup for 'drbrain@segment7.net', so you'll have to edit drbssl_c.rb to
+   match your configuration.
+
+     cd drbrain
+     ln -s ../drbssl_c.rb
+     ln -s ../CA/cacert.pem
+     vi drbssl_c.rb
+
+6. Start the DRb client.  Then type your name and hit enter.  You will get
+   back a message "Hello, <your name>"
+
+     ./drbssl_c.rb

data/sample/drbssl_c.rb

@@ -0,0 +1,30 @@
+#!/usr/bin/env ruby
+
+require 'drb'
+require 'drb/ssl'
+
+send_cert = true
+there = ARGV.shift || "drbssl://localhost:3456"
+
+config = Hash.new
+config[:SSLVerifyMode] = OpenSSL::SSL::VERIFY_PEER
+config[:SSLCACertificateFile] = "CA/cacert.pem"
+config[:SSLVerifyCallback] = lambda { |ok, store|
+  p :SSLVerifyCallback_args => [ok, store.error_string]
+  ok
+}
+
+if send_cert then
+  config[:SSLPrivateKey] = OpenSSL::PKey::RSA.new File.read("user/user_keypair.pem")
+  config[:SSLCertificate] = OpenSSL::X509::Certificate.new File.read("user/cert_user.pem")
+end
+
+DRb.start_service(nil,nil,config)
+h = DRbObject.new(nil, there)
+
+loop do
+  print "ok, say your name: "
+  $stdout.flush
+  line = gets.chomp
+  p h.hello(line)
+end

data/sample/drbssl_s.rb

@@ -0,0 +1,37 @@
+#!/usr/bin/env ruby
+
+require 'drb'
+require 'drb/ssl'
+
+require_client_cert = true
+here = ARGV.shift || "drbssl://localhost:3456"
+
+class HelloWorld
+  include DRbUndumped
+
+  def hello(name)
+    "Hello, #{name}, from an SSL-encrypted server!"
+  end
+end
+
+puts "PSSST! Password is 5678"
+
+config = Hash.new
+config[:verbose] = true
+config[:SSLPrivateKey] = OpenSSL::PKey::RSA.new File.read("host/host_keypair.pem")
+config[:SSLCertificate] =
+  OpenSSL::X509::Certificate.new File.read("host/cert_host.pem")
+
+if require_client_cert then
+  config[:SSLVerifyMode] = OpenSSL::SSL::VERIFY_PEER |
+                           OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
+  config[:SSLCACertificateFile] = "CA/cacert.pem"
+  config[:SSLVerifyCallback] = proc do |ok, store|
+    p :SSLVerifyCallback_args => [ok, store.error_string]
+    ok
+  end
+end
+
+DRb.start_service(here, HelloWorld.new, config)
+puts DRb.uri
+DRb.thread.join

data/sample/qc_config

@@ -0,0 +1,17 @@
+CA[:hostname] = 'host'
+CA[:domainname] = 'host.example.com'
+CA[:CA_dir] = File.join Dir.pwd, "CA"
+CA[:password] = '1234'
+
+CERTS << {
+  :type => 'server',
+  :hostname => 'host',
+  :password => '5678',
+}
+
+CERTS << {
+  :type => 'client',
+  :user => 'user',
+  :email => 'user@example.com',
+}
+

metadata

@@ -0,0 +1,105 @@
+--- !ruby/object:Gem::Specification 
+name: quick_cert
+version: !ruby/object:Gem::Version 
+  version: "2.0"
+platform: ruby
+authors: 
+- Eric Hodel
+autorequire: 
+bindir: bin
+cert_chain: 
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDNjCCAh6gAwIBAgIBADANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
+  YWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZFgNu
+  ZXQwHhcNMDcxMjIxMDIwNDE0WhcNMDgxMjIwMDIwNDE0WjBBMRAwDgYDVQQDDAdk
+  cmJyYWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZ
+  FgNuZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbgLrGLGIDE76
+  LV/cvxdEzCuYuS3oG9PrSZnuDweySUfdp/so0cDq+j8bqy6OzZSw07gdjwFMSd6J
+  U5ddZCVywn5nnAQ+Ui7jMW54CYt5/H6f2US6U0hQOjJR6cpfiymgxGdfyTiVcvTm
+  Gj/okWrQl0NjYOYBpDi+9PPmaH2RmLJu0dB/NylsDnW5j6yN1BEI8MfJRR+HRKZY
+  mUtgzBwF1V4KIZQ8EuL6I/nHVu07i6IkrpAgxpXUfdJQJi0oZAqXurAV3yTxkFwd
+  g62YrrW26mDe+pZBzR6bpLE+PmXCzz7UxUq3AE0gPHbiMXie3EFE0oxnsU3lIduh
+  sCANiQ8BAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+  BBS5k4Z75VSpdM0AclG2UvzFA/VW5DANBgkqhkiG9w0BAQUFAAOCAQEAHagT4lfX
+  kP/hDaiwGct7XPuVGbrOsKRVD59FF5kETBxEc9UQ1clKWngf8JoVuEoKD774dW19
+  bU0GOVWO+J6FMmT/Cp7nuFJ79egMf/gy4gfUfQMuvfcr6DvZUPIs9P/TlK59iMYF
+  DIOQ3DxdF3rMzztNUCizN4taVscEsjCcgW6WkUJnGdqlu3OHWpQxZBJkBTjPCoc6
+  UW6on70SFPmAy/5Cq0OJNGEWBfgD9q7rrs/X8GGwUWqXb85RXnUVi/P8Up75E0ag
+  14jEc90kN+C7oI/AGCBN0j6JnEtYIEJZibjjDJTSMWlUKKkj30kq7hlUC2CepJ4v
+  x52qPcexcYZR7w==
+  -----END CERTIFICATE-----
+
+date: 2009-04-16 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.12.1
+    version: 
+description: |-
+  quick_cert allows you to quickly and easily create SSL certificates.  It uses
+  a simple configuration file to generate self-signed client and server
+  certificates.
+email: 
+- drbrain@segment7.net
+executables: 
+- quick_cert
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+- README.txt
+- sample/DRb_README.txt
+files: 
+- .document
+- History.txt
+- Manifest.txt
+- README.txt
+- Rakefile
+- bin/quick_cert
+- lib/.document
+- lib/quick_cert.rb
+- lib/quick_cert/defaults.rb
+- sample/DRb_README.txt
+- sample/drbssl_c.rb
+- sample/drbssl_s.rb
+- sample/qc_config
+has_rdoc: true
+homepage: http://seattlerb.rubyforge.org/quick_cert
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --main
+- README.txt
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: seattlerb
+rubygems_version: 1.3.2
+signing_key: 
+specification_version: 3
+summary: quick_cert allows you to quickly and easily create SSL certificates
+test_files: []
+