r509 0.8

data/doc/class_list.html

@@ -0,0 +1,53 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    
+      <link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" charset="utf-8" />
+    
+      <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
+    
+
+    
+      <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+    
+      <script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
+    
+
+    <base id="base_target" target="_parent" />
+  </head>
+  <body>
+    <script type="text/javascript" charset="utf-8">
+      if (window.top.frames.main) {
+        document.getElementById('base_target').target = 'main';
+        document.body.className = 'frames';
+      }
+    </script>
+    <div id="content">
+      <h1 id="full_list_header">Class List</h1>
+      <div id="nav">
+        
+          <span><a target="_self" href="class_list.html">
+            Classes
+          </a></span>
+        
+          <span><a target="_self" href="method_list.html">
+            Methods
+          </a></span>
+        
+          <span><a target="_self" href="file_list.html">
+            Files
+          </a></span>
+        
+      </div>
+      <div id="search">Search: <input type="text" /></div>
+
+      <ul id="full_list" class="class">
+        <li><span class='object_link'><a href="top-level-namespace.html" title=" (root)">Top Level Namespace</a></span></li>
+<li><a class='toggle'></a> <span class='object_link'><a href="R509.html" title="R509 (module)">R509</a></span><small class='search_info'>Top Level Namespace</small></li><ul><li><a class='toggle'></a> <span class='object_link'><a href="R509/Cert.html" title="R509::Cert (class)">Cert</a></span> &lt; Object<small class='search_info'>R509</small></li><ul><li><a class='toggle'></a> <span class='object_link'><a href="R509/Cert/Extensions.html" title="R509::Cert::Extensions (module)">Extensions</a></span><small class='search_info'>R509::Cert</small></li><ul><li><span class='object_link'><a href="R509/Cert/Extensions/AuthorityInfoAccess.html" title="R509::Cert::Extensions::AuthorityInfoAccess (class)">AuthorityInfoAccess</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li><li><span class='object_link'><a href="R509/Cert/Extensions/AuthorityKeyIdentifier.html" title="R509::Cert::Extensions::AuthorityKeyIdentifier (class)">AuthorityKeyIdentifier</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li><li><span class='object_link'><a href="R509/Cert/Extensions/BasicConstraints.html" title="R509::Cert::Extensions::BasicConstraints (class)">BasicConstraints</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li><li><span class='object_link'><a href="R509/Cert/Extensions/CrlDistributionPoints.html" title="R509::Cert::Extensions::CrlDistributionPoints (class)">CrlDistributionPoints</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li><li><span class='object_link'><a href="R509/Cert/Extensions/ExtendedKeyUsage.html" title="R509::Cert::Extensions::ExtendedKeyUsage (class)">ExtendedKeyUsage</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li><li><span class='object_link'><a href="R509/Cert/Extensions/KeyUsage.html" title="R509::Cert::Extensions::KeyUsage (class)">KeyUsage</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li><li><span class='object_link'><a href="R509/Cert/Extensions/SubjectAlternativeName.html" title="R509::Cert::Extensions::SubjectAlternativeName (class)">SubjectAlternativeName</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li><li><span class='object_link'><a href="R509/Cert/Extensions/SubjectKeyIdentifier.html" title="R509::Cert::Extensions::SubjectKeyIdentifier (class)">SubjectKeyIdentifier</a></span> &lt; Extension<small class='search_info'>R509::Cert::Extensions</small></li></ul></ul><li><a class='toggle'></a> <span class='object_link'><a href="R509/CertificateAuthority.html" title="R509::CertificateAuthority (module)">CertificateAuthority</a></span><small class='search_info'>R509</small></li><ul><li><span class='object_link'><a href="R509/CertificateAuthority/Signer.html" title="R509::CertificateAuthority::Signer (class)">Signer</a></span> &lt; Object<small class='search_info'>R509::CertificateAuthority</small></li></ul><li><a class='toggle'></a> <span class='object_link'><a href="R509/Config.html" title="R509::Config (module)">Config</a></span><small class='search_info'>R509</small></li><ul><li><span class='object_link'><a href="R509/Config/CaConfig.html" title="R509::Config::CaConfig (class)">CaConfig</a></span> &lt; Object<small class='search_info'>R509::Config</small></li><li><span class='object_link'><a href="R509/Config/CaConfigPool.html" title="R509::Config::CaConfigPool (class)">CaConfigPool</a></span> &lt; Object<small class='search_info'>R509::Config</small></li><li><span class='object_link'><a href="R509/Config/CaProfile.html" title="R509::Config::CaProfile (class)">CaProfile</a></span> &lt; Object<small class='search_info'>R509::Config</small></li><li><span class='object_link'><a href="R509/Config/SubjectItemPolicy.html" title="R509::Config::SubjectItemPolicy (class)">SubjectItemPolicy</a></span> &lt; Object<small class='search_info'>R509::Config</small></li></ul><li><a class='toggle'></a> <span class='object_link'><a href="R509/Crl.html" title="R509::Crl (module)">Crl</a></span><small class='search_info'>R509</small></li><ul><li><span class='object_link'><a href="R509/Crl/Administrator.html" title="R509::Crl::Administrator (class)">Administrator</a></span> &lt; Object<small class='search_info'>R509::Crl</small></li><li><span class='object_link'><a href="R509/Crl/Parser.html" title="R509::Crl::Parser (class)">Parser</a></span> &lt; Object<small class='search_info'>R509::Crl</small></li></ul><li><span class='object_link'><a href="R509/Csr.html" title="R509::Csr (class)">Csr</a></span> &lt; Object<small class='search_info'>R509</small></li><li><span class='object_link'><a href="R509/IOHelpers.html" title="R509::IOHelpers (module)">IOHelpers</a></span><small class='search_info'>R509</small></li><li><span class='object_link'><a href="R509/MessageDigest.html" title="R509::MessageDigest (class)">MessageDigest</a></span> &lt; Object<small class='search_info'>R509</small></li><li><span class='object_link'><a href="R509/NameSanitizer.html" title="R509::NameSanitizer (class)">NameSanitizer</a></span> &lt; Object<small class='search_info'>R509</small></li><li><a class='toggle'></a> <span class='object_link'><a href="R509/Ocsp.html" title="R509::Ocsp (module)">Ocsp</a></span><small class='search_info'>R509</small></li><ul><li><a class='toggle'></a> <span class='object_link'><a href="R509/Ocsp/Request.html" title="R509::Ocsp::Request (module)">Request</a></span><small class='search_info'>R509::Ocsp</small></li><ul><li><span class='object_link'><a href="R509/Ocsp/Request/Nonce.html" title="R509::Ocsp::Request::Nonce (module)">Nonce</a></span><small class='search_info'>R509::Ocsp::Request</small></li></ul><li><span class='object_link'><a href="R509/Ocsp/Response.html" title="R509::Ocsp::Response (class)">Response</a></span> &lt; Object<small class='search_info'>R509::Ocsp</small></li></ul><li><span class='object_link'><a href="R509/OidMapper.html" title="R509::OidMapper (class)">OidMapper</a></span> &lt; Object<small class='search_info'>R509</small></li><li><span class='object_link'><a href="R509/PrivateKey.html" title="R509::PrivateKey (class)">PrivateKey</a></span> &lt; Object<small class='search_info'>R509</small></li><li><span class='object_link'><a href="R509/R509Error.html" title="R509::R509Error (class)">R509Error</a></span> &lt; StandardError<small class='search_info'>R509</small></li><li><span class='object_link'><a href="R509/Spki.html" title="R509::Spki (class)">Spki</a></span> &lt; Object<small class='search_info'>R509</small></li><li><span class='object_link'><a href="R509/Subject.html" title="R509::Subject (class)">Subject</a></span> &lt; Object<small class='search_info'>R509</small></li><li><a class='toggle'></a> <span class='object_link'><a href="R509/Validity.html" title="R509::Validity (module)">Validity</a></span><small class='search_info'>R509</small></li><ul><li><span class='object_link'><a href="R509/Validity/Checker.html" title="R509::Validity::Checker (class)">Checker</a></span> &lt; Object<small class='search_info'>R509::Validity</small></li><li><span class='object_link'><a href="R509/Validity/DefaultChecker.html" title="R509::Validity::DefaultChecker (class)">DefaultChecker</a></span> &lt; Checker<small class='search_info'>R509::Validity</small></li><li><span class='object_link'><a href="R509/Validity/DefaultWriter.html" title="R509::Validity::DefaultWriter (class)">DefaultWriter</a></span> &lt; Writer<small class='search_info'>R509::Validity</small></li><li><span class='object_link'><a href="R509/Validity/Status.html" title="R509::Validity::Status (class)">Status</a></span> &lt; Object<small class='search_info'>R509::Validity</small></li><li><span class='object_link'><a href="R509/Validity/Writer.html" title="R509::Validity::Writer (class)">Writer</a></span> &lt; Object<small class='search_info'>R509::Validity</small></li></ul></ul>
+
+      </ul>
+    </div>
+  </body>
+</html>

data/doc/css/common.css

@@ -0,0 +1 @@
+/* Override this file with custom rules */

data/doc/css/full_list.css

@@ -0,0 +1,57 @@
+body {
+  margin: 0;
+  font-family: "Lucida Sans", "Lucida Grande", Verdana, Arial, sans-serif;
+  font-size: 13px;
+  height: 101%;
+  overflow-x: hidden;
+}
+
+h1 { padding: 12px 10px; padding-bottom: 0; margin: 0; font-size: 1.4em; }
+.clear { clear: both; }
+#search { position: absolute; right: 5px; top: 9px; padding-left: 24px; }
+#content.insearch #search, #content.insearch #noresults { background: url(data:image/gif;base64,R0lGODlhEAAQAPYAAP///wAAAPr6+pKSkoiIiO7u7sjIyNjY2J6engAAAI6OjsbGxjIyMlJSUuzs7KamppSUlPLy8oKCghwcHLKysqSkpJqamvT09Pj4+KioqM7OzkRERAwMDGBgYN7e3ujo6Ly8vCoqKjY2NkZGRtTU1MTExDw8PE5OTj4+PkhISNDQ0MrKylpaWrS0tOrq6nBwcKysrLi4uLq6ul5eXlxcXGJiYoaGhuDg4H5+fvz8/KKiohgYGCwsLFZWVgQEBFBQUMzMzDg4OFhYWBoaGvDw8NbW1pycnOLi4ubm5kBAQKqqqiQkJCAgIK6urnJyckpKSjQ0NGpqatLS0sDAwCYmJnx8fEJCQlRUVAoKCggICLCwsOTk5ExMTPb29ra2tmZmZmhoaNzc3KCgoBISEiIiIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCAAAACwAAAAAEAAQAAAHaIAAgoMgIiYlg4kACxIaACEJCSiKggYMCRselwkpghGJBJEcFgsjJyoAGBmfggcNEx0flBiKDhQFlIoCCA+5lAORFb4AJIihCRbDxQAFChAXw9HSqb60iREZ1omqrIPdJCTe0SWI09GBACH5BAkIAAAALAAAAAAQABAAAAdrgACCgwc0NTeDiYozCQkvOTo9GTmDKy8aFy+NOBA7CTswgywJDTIuEjYFIY0JNYMtKTEFiRU8Pjwygy4ws4owPyCKwsMAJSTEgiQlgsbIAMrO0dKDGMTViREZ14kYGRGK38nHguHEJcvTyIEAIfkECQgAAAAsAAAAABAAEAAAB2iAAIKDAggPg4iJAAMJCRUAJRIqiRGCBI0WQEEJJkWDERkYAAUKEBc4Po1GiKKJHkJDNEeKig4URLS0ICImJZAkuQAhjSi/wQyNKcGDCyMnk8u5rYrTgqDVghgZlYjcACTA1sslvtHRgQAh+QQJCAAAACwAAAAAEAAQAAAHZ4AAgoOEhYaCJSWHgxGDJCQARAtOUoQRGRiFD0kJUYWZhUhKT1OLhR8wBaaFBzQ1NwAlkIszCQkvsbOHL7Y4q4IuEjaqq0ZQD5+GEEsJTDCMmIUhtgk1lo6QFUwJVDKLiYJNUd6/hoEAIfkECQgAAAAsAAAAABAAEAAAB2iAAIKDhIWGgiUlh4MRgyQkjIURGRiGGBmNhJWHm4uen4ICCA+IkIsDCQkVACWmhwSpFqAABQoQF6ALTkWFnYMrVlhWvIKTlSAiJiVVPqlGhJkhqShHV1lCW4cMqSkAR1ofiwsjJyqGgQAh+QQJCAAAACwAAAAAEAAQAAAHZ4AAgoOEhYaCJSWHgxGDJCSMhREZGIYYGY2ElYebi56fhyWQniSKAKKfpaCLFlAPhl0gXYNGEwkhGYREUywag1wJwSkHNDU3D0kJYIMZQwk8MjPBLx9eXwuETVEyAC/BOKsuEjYFhoEAIfkECQgAAAAsAAAAABAAEAAAB2eAAIKDhIWGgiUlh4MRgyQkjIURGRiGGBmNhJWHm4ueICImip6CIQkJKJ4kigynKaqKCyMnKqSEK05StgAGQRxPYZaENqccFgIID4KXmQBhXFkzDgOnFYLNgltaSAAEpxa7BQoQF4aBACH5BAkIAAAALAAAAAAQABAAAAdogACCg4SFggJiPUqCJSWGgkZjCUwZACQkgxGEXAmdT4UYGZqCGWQ+IjKGGIUwPzGPhAc0NTewhDOdL7Ykji+dOLuOLhI2BbaFETICx4MlQitdqoUsCQ2vhKGjglNfU0SWmILaj43M5oEAOwAAAAAAAAAAAA==) no-repeat center left; }
+#full_list { padding: 0; list-style: none; margin-left: 0; }
+#full_list ul { padding: 0; }
+#full_list li { padding: 5px; padding-left: 12px; margin: 0; font-size: 1.1em; list-style: none; }
+#noresults { padding: 7px 12px; }
+#content.insearch #noresults { margin-left: 7px; }
+ul.collapsed ul, ul.collapsed li { display: none; }
+ul.collapsed.search_uncollapsed { display: block; }
+ul.collapsed.search_uncollapsed li { display: list-item; }
+li a.toggle { cursor: default; position: relative; left: -5px; top: 4px; text-indent: -999px; width: 10px; height: 9px; margin-left: -10px; display: block; float: left; background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAASCAYAAABb0P4QAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAK8AAACvABQqw0mAAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTM5jWRgMAAAAVdEVYdENyZWF0aW9uIFRpbWUAMy8xNC8wOeNZPpQAAAE2SURBVDiNrZTBccIwEEXfelIAHUA6CZ24BGaWO+FuzZAK4k6gg5QAdGAq+Bxs2Yqx7BzyL7Llp/VfzZeQhCTc/ezuGzKKnKSzpCxXJM8fwNXda3df5RZETlIt6YUzSQDs93sl8w3wBZxCCE10GM1OcWbWjB2mWgEH4Mfdyxm3PSepBHibgQE2wLe7r4HjEidpnXMYdQPKEMJcsZ4zs2POYQOcaPfwMVOo58zsAdMt18BuoVDPxUJRacELbXv3hUIX2vYmOUvi8C8ydz/ThjXrqKqqLbDIAdsCKBd+Wo7GWa7o9qzOQHVVVXeAbs+yHHCH4aTsaCOQqunmUy1yBUAXkdMIfMlgF5EXLo2OpV/c/Up7jG4hhHcYLgWzAZXUc2b2ixsfvc/RmNNfOXD3Q/oeL9axJE1yT9IOoUu6MGUkAAAAAElFTkSuQmCC) no-repeat bottom left; }
+li.collapsed a.toggle { opacity: 0.5; cursor: default; background-position: top left; }
+li { color: #888; cursor: pointer; }
+li.deprecated { text-decoration: line-through; font-style: italic; }
+li.r1 { background: #f0f0f0; }
+li.r2 { background: #fafafa; }
+li:hover { background: #ddd; }
+li small:before { content: "("; }
+li small:after { content: ")"; }
+li small.search_info { display: none; }
+a:link, a:visited { text-decoration: none; color: #05a; }
+li.clicked { background: #05a; color: #ccc; }
+li.clicked a:link, li.clicked a:visited { color: #eee; }
+li.clicked a.toggle { opacity: 0.5; background-position: bottom right; }
+li.collapsed.clicked a.toggle { background-position: top right; }
+#search input { border: 1px solid #bbb; -moz-border-radius: 3px; -webkit-border-radius: 3px; }
+#nav { margin-left: 10px; font-size: 0.9em; display: none; color: #aaa; }
+#nav a:link, #nav a:visited { color: #358; }
+#nav a:hover { background: transparent; color: #5af; }
+.frames #nav span:after { content: ' | '; }
+.frames #nav span:last-child:after { content: ''; }
+
+.frames #content h1 { margin-top: 0; }
+.frames li { white-space: nowrap; cursor: normal; }
+.frames li small { display: block; font-size: 0.8em; }
+.frames li small:before { content: ""; }
+.frames li small:after { content: ""; }
+.frames li small.search_info { display: none; }
+.frames #search { width: 170px; position: static; margin: 3px; margin-left: 10px; font-size: 0.9em; color: #888; padding-left: 0; padding-right: 24px; }
+.frames #content.insearch #search { background-position: center right; }
+.frames #search input { width: 110px; }
+.frames #nav { display: block; }
+
+#full_list.insearch li { display: none; }
+#full_list.insearch li.found { display: list-item; padding-left: 10px; }
+#full_list.insearch li a.toggle { display: none; }
+#full_list.insearch li small.search_info { display: block; }

data/doc/css/style.css

@@ -0,0 +1,328 @@
+body {
+  padding: 0 20px;
+  font-family: "Lucida Sans", "Lucida Grande", Verdana, Arial, sans-serif;
+  font-size: 13px;
+}
+body.frames { padding: 0 5px; }
+h1 { font-size: 25px; margin: 1em 0 0.5em; padding-top: 4px; border-top: 1px dotted #d5d5d5; }
+h1.noborder { border-top: 0px; margin-top: 0; padding-top: 4px; }
+h1.title { margin-bottom: 10px; }
+h1.alphaindex { margin-top: 0; font-size: 22px; }
+h2 {
+  padding: 0;
+  padding-bottom: 3px;
+  border-bottom: 1px #aaa solid;
+  font-size: 1.4em;
+  margin: 1.8em 0 0.5em;
+}
+h2 small { font-weight: normal; font-size: 0.7em; display: block; float: right; }
+.clear { clear: both; }
+.inline { display: inline; }
+.inline p:first-child { display: inline; }
+.docstring h1, .docstring h2, .docstring h3, .docstring h4 { padding: 0; border: 0; border-bottom: 1px dotted #bbb; }
+.docstring h1 { font-size: 1.2em; }
+.docstring h2 { font-size: 1.1em; }
+.docstring h3, .docstring h4 { font-size: 1em; border-bottom: 0; padding-top: 10px; }
+.summary_desc .object_link, .docstring .object_link { font-family: monospace; }
+.rdoc-term { padding-right: 25px; font-weight: bold; }
+.rdoc-list p { margin: 0; padding: 0; margin-bottom: 4px; }
+
+/* style for <ul> */
+#filecontents li > p, .docstring li > p { margin: 0px; }
+#filecontents ul, .docstring ul { padding-left: 20px; }
+/* style for <dl> */
+#filecontents dl, .docstring dl { border: 1px solid #ccc; }
+#filecontents dt, .docstring dt { background: #ddd; font-weight: bold; padding: 3px 5px; }
+#filecontents dd, .docstring dd { padding: 5px 0px; margin-left: 18px; }
+#filecontents dd > p, .docstring dd > p { margin: 0px; }
+
+.note {
+  color: #222;
+  -moz-border-radius: 3px; -webkit-border-radius: 3px;
+  background: #e3e4e3; border: 1px solid #d5d5d5; padding: 7px 10px;
+  display: block;
+}
+.note.todo { background: #ffffc5; border-color: #ececaa; }
+.note.returns_void { background: #efefef; }
+.note.deprecated { background: #ffe5e5; border-color: #e9dada; }
+.note.private { background: #ffffc5; border-color: #ececaa; }
+.note.title { padding: 1px 5px; font-size: 0.9em; font-family: "Lucida Sans", "Lucida Grande", Verdana, Arial, sans-serif; display: inline; }
+.summary_signature + .note.title { margin-left: 7px; }
+h1 .note.title { font-size: 0.5em; font-weight: normal; padding: 3px 5px; position: relative; top: -3px; text-transform: capitalize; }
+.note.title.constructor { color: #fff; background: #6a98d6; border-color: #6689d6; }
+.note.title.writeonly { color: #fff; background: #45a638; border-color: #2da31d; }
+.note.title.readonly { color: #fff; background: #6a98d6; border-color: #6689d6; }
+.note.title.private { background: #d5d5d5; border-color: #c5c5c5; }
+.note.title.not_defined_here { background: transparent; border: none; font-style: italic; }
+.discussion .note { margin-top: 6px; }
+.discussion .note:first-child { margin-top: 0; }
+
+h3.inherited {
+  font-style: italic;
+  font-family: "Lucida Sans", "Lucida Grande", Verdana, Arial, sans-serif;
+  font-weight: normal;
+  padding: 0;
+  margin: 0;
+  margin-top: 12px;
+  margin-bottom: 3px;
+  font-size: 13px;
+}
+p.inherited {
+  padding: 0;
+  margin: 0;
+  margin-left: 25px;
+}
+
+#filecontents dl.box, dl.box {
+  border: 0;
+  width: 520px;
+  font-size: 1em;
+}
+#filecontents dl.box dt, dl.box dt {
+  float: left;
+  display: block;
+  width: 100px;
+  margin: 0;
+  text-align: right;
+  font-weight: bold;
+  background: transparent;
+  border: 1px solid #aaa;
+  border-width: 1px 0px 0px 1px;
+  padding: 6px 0;
+  padding-right: 10px;
+}
+#filecontents dl.box dd, dl.box dd {
+  float: left;
+  display: block;
+  width: 380px;
+  margin: 0;
+  padding: 6px 0;
+  padding-right: 20px;
+  border: 1px solid #aaa;
+  border-width: 1px 1px 0 0;
+}
+#filecontents dl.box .last, dl.box .last {
+  border-bottom: 1px solid #aaa;
+}
+#filecontents dl.box .r1, dl.box .r1 { background: #eee; }
+
+ul.toplevel { list-style: none; padding-left: 0; font-size: 1.1em; }
+.index_inline_list { padding-left: 0; font-size: 1.1em; }
+.index_inline_list li { list-style: none; display: inline; padding: 7px 12px; line-height: 35px; }
+
+dl.constants { margin-left: 40px; }
+dl.constants dt { font-weight: bold; font-size: 1.1em; margin-bottom: 5px; }
+dl.constants dd { width: 75%; white-space: pre; font-family: monospace; margin-bottom: 18px; }
+
+.summary_desc { margin-left: 32px; display: block; font-family: sans-serif; }
+.summary_desc tt { font-size: 0.9em; }
+dl.constants .note { padding: 2px 6px; padding-right: 12px; margin-top: 6px; }
+dl.constants .docstring { margin-left: 32px; font-size: 0.9em; font-weight: normal; }
+dl.constants .tags { padding-left: 32px; font-size: 0.9em; line-height: 0.8em; }
+dl.constants .discussion *:first-child { margin-top: 0; }
+dl.constants .discussion *:last-child { margin-bottom: 0; }
+
+.method_details { border-top: 1px dotted #aaa; margin-top: 15px; padding-top: 0; }
+.method_details.first { border: 0; }
+p.signature, h3.signature {
+  font-size: 1.1em; font-weight: normal; font-family: Monaco, Consolas, Courier, monospace;
+  padding: 6px 10px; margin-top: 18px;
+  background: #e5e8ff; border: 1px solid #d8d8e5; -moz-border-radius: 3px; -webkit-border-radius: 3px;
+}
+p.signature tt,
+h3.signature tt { font-family: Monaco, Consolas, Courier, monospace; }
+p.signature .overload,
+h3.signature .overload { display: block; }
+p.signature .extras,
+h3.signature .extras { font-weight: normal; font-family: sans-serif; color: #444; font-size: 1em; }
+p.signature .not_defined_here,
+h3.signature .not_defined_here,
+p.signature .aliases,
+h3.signature .aliases { display: block; font-weight: normal; font-size: 0.9em; font-family: sans-serif; margin-top: 0px; color: #555; }
+p.signature .aliases .names,
+h3.signature .aliases .names { font-family: Monaco, Consolas, Courier, monospace; font-weight: bold; color: #000; font-size: 1.2em; }
+
+.tags .tag_title { font-size: 1em; margin-bottom: 0; font-weight: bold; }
+.tags ul { margin-top: 5px; padding-left: 30px; list-style: square; }
+.tags ul li { margin-bottom: 3px; }
+.tags ul .name { font-family: monospace; font-weight: bold; }
+.tags ul .note { padding: 3px 6px; }
+.tags { margin-bottom: 12px; }
+
+.tags .examples .tag_title { margin-bottom: 10px; font-weight: bold; }
+.tags .examples .inline p { padding: 0; margin: 0; margin-left: 15px; font-weight: bold; font-size: 0.9em; }
+
+.tags .overload .overload_item { list-style: none; margin-bottom: 25px; }
+.tags .overload .overload_item .signature {
+  padding: 2px 8px;
+  background: #e5e8ff; border: 1px solid #d8d8e5; -moz-border-radius: 3px; -webkit-border-radius: 3px;
+}
+.tags .overload .signature { margin-left: -15px; font-family: monospace; display: block; font-size: 1.1em; }
+.tags .overload .docstring { margin-top: 15px; }
+
+.defines { display: none; }
+
+#method_missing_details .notice.this { position: relative; top: -8px; color: #888; padding: 0; margin: 0; }
+
+.showSource { font-size: 0.9em; }
+.showSource a:link, .showSource a:visited { text-decoration: none; color: #666; }
+
+#content a:link, #content a:visited { text-decoration: none; color: #05a; }
+#content a:hover { background: #ffffa5; }
+div.docstring, p.docstring { margin-right: 6em; }
+
+ul.summary {
+  list-style: none;
+  font-family: monospace;
+  font-size: 1em;
+  line-height: 1.5em;
+}
+ul.summary a:link, ul.summary a:visited {
+  text-decoration: none; font-size: 1.1em;
+}
+ul.summary li { margin-bottom: 5px; }
+.summary .summary_signature {
+  padding: 1px 10px;
+  background: #eaeaff; border: 1px solid #dfdfe5;
+  -moz-border-radius: 3px; -webkit-border-radius: 3px;
+}
+.summary_signature:hover { background: #eeeeff; cursor: pointer; }
+ul.summary.compact li { display: inline-block; margin: 0px 5px 0px 0px; line-height: 2.6em;}
+ul.summary.compact .summary_signature { padding: 5px 7px; padding-right: 4px; }
+#content .summary_signature:hover a:link,
+#content .summary_signature:hover a:visited {
+  background: transparent;
+  color: #48f;
+}
+
+p.inherited a { font-family: monospace; font-size: 0.9em; }
+p.inherited { word-spacing: 5px; font-size: 1.2em; }
+
+p.children { font-size: 1.2em; }
+p.children a { font-size: 0.9em; }
+p.children strong { font-size: 0.8em; }
+p.children strong.modules { padding-left: 5px; }
+
+ul.fullTree { display: none; padding-left: 0; list-style: none; margin-left: 0; margin-bottom: 10px; }
+ul.fullTree ul { margin-left: 0; padding-left: 0; list-style: none; }
+ul.fullTree li { text-align: center; padding-top: 18px; padding-bottom: 12px; background: url(data:image/gif;base64,iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKCAYAAACNMs+9AAAACXBIWXMAAAsTAAALEwEAmpwYAAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAgY0hSTQAAeiUAAICDAAD5/wAAgOkAAHUwAADqYAAAOpgAABdvkl/FRgAAAHtJREFUeNqMzrEJAkEURdGzuhgZbSoYWcAWoBVsB4JgZAGmphsZCZYzTQgWNCYrDN9RvMmHx+X916SUBFbo8CzD1idXrLErw1mQttgXtyrOcQ/Ny5p4Qh+2XqLYYazsPWNTiuMkRxa4vcV+evuNAUOLIx5+c2hyzv7hNQC67Q+/HHmlEwAAAABJRU5ErkJggg==) no-repeat top center; }
+ul.fullTree li:first-child { padding-top: 0; background: transparent; }
+ul.fullTree li:last-child { padding-bottom: 0; }
+.showAll ul.fullTree { display: block; }
+.showAll .inheritName { display: none; }
+
+#search { position: absolute; right: 14px; top: 0px; }
+#search a:link, #search a:visited {
+  display: block; float: left; margin-right: 4px;
+  padding: 8px 10px; text-decoration: none; color: #05a;
+  border: 1px solid #d8d8e5;
+  -moz-border-radius-bottomleft: 3px; -moz-border-radius-bottomright: 3px;
+  -webkit-border-bottom-left-radius: 3px; -webkit-border-bottom-right-radius: 3px;
+  background: #eaf0ff;
+  -webkit-box-shadow: -1px 1px 3px #ddd;
+}
+#search a:hover { background: #f5faff; color: #06b; }
+#search a.active {
+  background: #568; padding-bottom: 20px; color: #fff; border: 1px solid #457;
+  -moz-border-radius-topleft: 5px; -moz-border-radius-topright: 5px;
+  -webkit-border-top-left-radius: 5px; -webkit-border-top-right-radius: 5px;
+}
+#search a.inactive { color: #999; }
+.frames #search { display: none; }
+.inheritanceTree, .toggleDefines { float: right; }
+
+#menu { font-size: 1.3em; color: #bbb; top: -5px; position: relative; }
+#menu .title, #menu a { font-size: 0.7em; }
+#menu .title a { font-size: 1em; }
+#menu .title { color: #555; }
+#menu a:link, #menu a:visited { color: #333; text-decoration: none; border-bottom: 1px dotted #bbd; }
+#menu a:hover { color: #05a; }
+#menu .noframes { display: inline; }
+.frames #menu .noframes { display: inline; float: right; }
+
+#footer { margin-top: 15px; border-top: 1px solid #ccc; text-align: center; padding: 7px 0; color: #999; }
+#footer a:link, #footer a:visited { color: #444; text-decoration: none; border-bottom: 1px dotted #bbd; }
+#footer a:hover { color: #05a; }
+
+#listing ul.alpha { font-size: 1.1em; }
+#listing ul.alpha { margin: 0; padding: 0; padding-bottom: 10px; list-style: none; }
+#listing ul.alpha li.letter { font-size: 1.4em; padding-bottom: 10px; }
+#listing ul.alpha ul { margin: 0; padding-left: 15px; }
+#listing ul small { color: #666; font-size: 0.7em; }
+
+li.r1 { background: #f0f0f0; }
+li.r2 { background: #fafafa; }
+
+#search_frame {
+  z-index: 9999;
+  background: #fff;
+  display: none;
+  position: absolute;
+  top: 36px;
+  right: 18px;
+  width: 500px;
+  height: 80%;
+  overflow-y: scroll;
+  border: 1px solid #999;
+  border-collapse: collapse;
+  -webkit-box-shadow: -7px 5px 25px #aaa;
+  -moz-box-shadow: -7px 5px 25px #aaa;
+  -moz-border-radius: 2px;
+  -webkit-border-radius: 2px;
+}
+
+#content ul.summary li.deprecated .summary_signature a:link,
+#content ul.summary li.deprecated .summary_signature a:visited { text-decoration: line-through; font-style: italic; }
+
+#toc {
+  padding: 20px; padding-right: 30px; border: 1px solid #ddd; float: right; background: #fff; margin-left: 20px; margin-bottom: 20px;
+  max-width: 300px;
+  -webkit-box-shadow: -2px 2px 6px #bbb;
+  -moz-box-shadow: -2px 2px 6px #bbb;
+  z-index: 5000;
+  position: relative;
+}
+#toc.nofloat { float: none; max-width: none; border: none; padding: 0; margin: 20px 0; -webkit-box-shadow: none; -moz-box-shadow: none; }
+#toc.nofloat.hidden { padding: 0; background: 0; margin-bottom: 5px; }
+#toc .title { margin: 0; }
+#toc ol { padding-left: 1.8em; }
+#toc li { font-size: 1.1em; line-height: 1.7em; }
+#toc > ol > li { font-size: 1.1em; font-weight: bold; }
+#toc ol > ol { font-size: 0.9em; }
+#toc ol ol > ol { padding-left: 2.3em; }
+#toc ol + li { margin-top: 0.3em; }
+#toc.hidden { padding: 10px; background: #f6f6f6; -webkit-box-shadow: none; -moz-box-shadow: none; }
+#filecontents h1 + #toc.nofloat { margin-top: 0; }
+
+/* syntax highlighting */
+.source_code { display: none; padding: 3px 8px; border-left: 8px solid #ddd; margin-top: 5px; }
+#filecontents pre.code, .docstring pre.code, .source_code pre { font-family: monospace; }
+#filecontents pre.code, .docstring pre.code { display: block; }
+.source_code .lines { padding-right: 12px; color: #555; text-align: right; }
+#filecontents pre.code, .docstring pre.code,
+.tags pre.example { padding: 5px 12px; margin-top: 4px; border: 1px solid #eef; background: #f5f5ff; }
+pre.code { color: #000; }
+pre.code .info.file { color: #555; }
+pre.code .val { color: #036A07; }
+pre.code .tstring_content,
+pre.code .heredoc_beg, pre.code .heredoc_end,
+pre.code .qwords_beg, pre.code .qwords_end,
+pre.code .tstring, pre.code .dstring { color: #036A07; }
+pre.code .fid, pre.code .rubyid_new, pre.code .rubyid_to_s,
+pre.code .rubyid_to_sym, pre.code .rubyid_to_f,
+pre.code .dot + pre.code .id,
+pre.code .rubyid_to_i pre.code .rubyid_each { color: #0085FF; }
+pre.code .comment { color: #0066FF; }
+pre.code .const, pre.code .constant { color: #585CF6; }
+pre.code .symbol { color: #C5060B; }
+pre.code .kw,
+pre.code .label,
+pre.code .rubyid_require,
+pre.code .rubyid_extend,
+pre.code .rubyid_include { color: #0000FF; }
+pre.code .ivar { color: #318495; }
+pre.code .gvar,
+pre.code .rubyid_backref,
+pre.code .rubyid_nth_ref { color: #6D79DE; }
+pre.code .regexp, .dregexp { color: #036A07; }
+pre.code a { border-bottom: 1px dotted #bbf; }

data/doc/file.README.html

@@ -0,0 +1,534 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<title>
+  File: README
+  
+    &mdash; Documentation by YARD 0.8.0
+  
+</title>
+
+  <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" charset="utf-8" />
+
+  <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  hasFrames = window.top.frames.main ? true : false;
+  relpath = '';
+  framesUrl = "frames.html#!" + escape(window.location.href);
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div id="header">
+      <div id="menu">
+  
+    <a href="_index.html">Index</a> &raquo; 
+    <span class="title">File: README</span>
+  
+
+  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
+</div>
+
+      <div id="search">
+  
+    <a class="full_list_link" id="class_list_link"
+        href="class_list.html">
+      Class List
+    </a>
+  
+    <a class="full_list_link" id="method_list_link"
+        href="method_list.html">
+      Method List
+    </a>
+  
+    <a class="full_list_link" id="file_list_link"
+        href="file_list.html">
+      File List
+    </a>
+  
+</div>
+      <div class="clear"></div>
+    </div>
+
+    <iframe id="search_frame"></iframe>
+
+    <div id="content"><div id='filecontents'><h1>r509 <a href="http://travis-ci.org/reaperhulk/r509"><img src="https://secure.travis-ci.org/reaperhulk/r509.png" alt="Build Status"></a></h1>
+
+<p>r509 is a wrapper for various OpenSSL functions to allow easy creation of CSRs, signing of certificates, and revocation via CRL. Together with projects like <a href="https://github.com/reaperhulk/r509-ocsp-responder">r509-ocsp-responder</a> and <a href="https://github.com/sirsean/r509-ca-http">r509-ca-http</a> it is intended to be a complete certificate authority for use in production environments.</p>
+
+<h2>Requirements/Installation</h2>
+
+<p>r509 requires the Ruby OpenSSL bindings as well as yaml support (present by default in modern Ruby builds).
+To install the gem: <code>gem install r509-(version).gem</code></p>
+
+<h2>Running Tests/Building Gem</h2>
+
+<p>If you want to run the tests for r509 you&#39;ll need rspec. Additionally, you may want to install rcov/simplecov (ruby 1.8/1.9 respectively) and yard for running the code coverage and documentation tasks in the Rakefile. <code>rake -T</code> for a complete list of rake tasks available.</p>
+
+<h2>Continuous Integration</h2>
+
+<p>We run continuous integration tests (using Travis-CI) against 1.8.7, 1.9.2, 1.9.3, ree, ruby-head, and rubinius(rbx) 2.0 in 1.9 mode.</p>
+
+<h2>Executable</h2>
+
+<p>Inside the gem there is a bin directory that contains <code>r509</code>. You can use this in interactive mode to generate a CSR and (optionally) self-sign it.</p>
+
+<h2>Usage</h2>
+
+<h3>CSR</h3>
+
+<p>To generate a 2048-bit RSA CSR</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:subject</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>CN</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>somedomain.com</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>O</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>My Org</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>L</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>City</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>ST</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>State</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>C</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>US</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span>
+    <span class='rbracket'>]</span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<p>To load an existing CSR (without private key)</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_csr_pem'>csr_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/csr</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='symbol'>:csr</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_csr_pem'>csr_pem</span><span class='rparen'>)</span>
+<span class='comment'># or
+</span><span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_load_from_file'>load_from_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/csr</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+</code></pre>
+
+<p>To create a new CSR from the subject of a certificate</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_cert_pem'>cert_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/cert</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='symbol'>:cert</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_cert_pem'>cert_pem</span><span class='rparen'>)</span>
+</code></pre>
+
+<p>To create a CSR with SAN names</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:subject</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>CN</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>something.com</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='symbol'>:san_names</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>something2.com</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>something3.com</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<h3>Cert</h3>
+
+<p>To load an existing certificate</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_cert_pem'>cert_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/cert</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Cert</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='symbol'>:cert</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_cert_pem'>cert_pem</span><span class='rparen'>)</span>
+<span class='comment'># or
+</span><span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Cert</span><span class='period'>.</span><span class='id identifier rubyid_load_from_file'>load_from_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/cert</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+</code></pre>
+
+<p>Load a cert and key</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_cert_pem'>cert_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/cert</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_key_pem'>key_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/key</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Cert</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:cert</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_cert_pem'>cert_pem</span><span class='comma'>,</span>
+    <span class='symbol'>:key</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_key_pem'>key_pem</span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<p>Load an encrypted private key</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_cert_pem'>cert_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/cert</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_key_pem'>key_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/key</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Cert</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:cert</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_cert_pem'>cert_pem</span><span class='comma'>,</span>
+    <span class='symbol'>:key</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_key_pem'>key_pem</span><span class='comma'>,</span>
+    <span class='symbol'>:password</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>private_key_password</span><span class='tstring_end'>&quot;</span></span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<p>Load a PKCS12 file</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_pkcs12_der'>pkcs12_der</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/p12</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Cert</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:pkcs12</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_pkcs12_der'>pkcs12_der</span><span class='comma'>,</span>
+    <span class='symbol'>:password</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>password</span><span class='tstring_end'>&quot;</span></span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<h3>Self-Signed Certificate</h3>
+
+<p>To create a self-signed certificate</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_not_before'>not_before</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
+<span class='id identifier rubyid_not_after'>not_after</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='op'>+</span><span class='int'>3600</span><span class='op'>*</span><span class='int'>24</span><span class='op'>*</span><span class='int'>7300</span>
+<span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:subject</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>C</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>US</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>O</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>r509 LLC</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>CN</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>r509 Self-Signed CA Test</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='rbracket'>]</span>
+<span class='rparen'>)</span>
+<span class='id identifier rubyid_ca'>ca</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>CertificateAuthority</span><span class='op'>::</span><span class='const'>Signer</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='id identifier rubyid_ca'>ca</span><span class='period'>.</span><span class='id identifier rubyid_selfsign'>selfsign</span><span class='lparen'>(</span>
+    <span class='symbol'>:csr</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_csr'>csr</span><span class='comma'>,</span>
+    <span class='symbol'>:not_before</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_not_before'>not_before</span><span class='comma'>,</span>
+    <span class='symbol'>:not_after</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_not_after'>not_after</span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<h3>Config</h3>
+
+<p>Create a basic CaConfig object</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_cert_pem'>cert_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/cert</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_key_pem'>key_pem</span> <span class='op'>=</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_read'>read</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/path/to/key</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Cert</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:cert</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_cert_pem'>cert_pem</span><span class='comma'>,</span>
+    <span class='symbol'>:key</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_key_pem'>key_pem</span>
+<span class='rparen'>)</span>
+<span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaConfig</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:ca_cert</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_cert'>cert</span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<p>Add a signing profile named &quot;server&quot; (CaProfile) to a config object</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_profile'>profile</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaProfile</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:basic_constraints</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CA:FALSE</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
+    <span class='symbol'>:key_usage</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>digitalSignature</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>keyEncipherment</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='symbol'>:extended_key_usage</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>serverAuth</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='symbol'>:certificate_policies</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>policyIdentifier=2.16.840.1.999999999.1.2.3.4.1</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CPS.1=http://example.com/cps</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='symbol'>:subject_item_policy</span> <span class='op'>=&gt;</span> <span class='kw'>nil</span>
+<span class='rparen'>)</span>
+<span class='comment'># config object from above assumed
+</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_set_profile'>set_profile</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>server</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='id identifier rubyid_profile'>profile</span><span class='rparen'>)</span>
+</code></pre>
+
+<p>Set up a subject item policy (required/optional). The keys must match OpenSSL&#39;s shortnames!</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_profile'>profile</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaProfile</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:basic_constraints</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CA:FALSE</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
+    <span class='symbol'>:key_usage</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>digitalSignature</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>keyEncipherment</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='symbol'>:extended_key_usage</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>serverAuth</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='symbol'>:certificate_policies</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>policyIdentifier=2.16.840.1.999999999.1.2.3.4.1</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CPS.1=http://example.com/cps</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='symbol'>:subject_item_policy</span> <span class='op'>=&gt;</span> <span class='lbrace'>{</span>
+        <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CN</span><span class='tstring_end'>&quot;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>required</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
+        <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>O</span><span class='tstring_end'>&quot;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>optional</span><span class='tstring_end'>&quot;</span></span>
+    <span class='rbrace'>}</span>
+<span class='rparen'>)</span>
+<span class='comment'># config object from above assumed
+</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_set_profile'>set_profile</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>server</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='id identifier rubyid_profile'>profile</span><span class='rparen'>)</span>
+</code></pre>
+
+<p>Load CaConfig + Profile from YAML</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaConfig</span><span class='period'>.</span><span class='id identifier rubyid_from_yaml'>from_yaml</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>test_ca</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>config_test.yaml</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+</code></pre>
+
+<p>Example YAML (more options are supported than this example)</p>
+
+<pre class="code yaml"><code>test_ca: {
+    ca_cert: {
+        cert: '/path/to/test_ca.cer',
+        key: '/path/to/test_ca.key'
+    },
+    crl_list: &quot;crl_list_file.txt&quot;,
+    crl_number: &quot;crl_number_file.txt&quot;,
+    cdp_location: 'URI:http://crl.domain.com/test_ca.crl',
+    crl_validity_hours: 168, #7 days
+    ocsp_location: 'URI:http://ocsp.domain.com',
+    message_digest: 'SHA1', #SHA1, SHA256, SHA512 supported. MD5 too, but you really shouldn't use that unless you have a good reason
+    profiles: {
+        server: {
+            basic_constraints: &quot;CA:FALSE&quot;,
+            key_usage: [digitalSignature,keyEncipherment],
+            extended_key_usage: [serverAuth],
+            certificate_policies: [ [ &quot;policyIdentifier=2.16.840.1.9999999999.1.2.3.4.1&quot;, &quot;CPS.1=http://example.com/cps&quot;] ],
+            subject_item_policy: {
+                &quot;CN&quot; : &quot;required&quot;,
+                &quot;O&quot; : &quot;optional&quot;,
+                &quot;ST&quot; : &quot;required&quot;,
+                &quot;C&quot; : &quot;required&quot;,
+                &quot;OU&quot; : &quot;optional&quot; }
+        }
+    }
+}
+</code></pre>
+
+<p>Load multiple CaConfigs using a CaConfigPool</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_pool'>pool</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaConfigPool</span><span class='period'>.</span><span class='id identifier rubyid_from_yaml'>from_yaml</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>certificate_authorities</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>config_pool.yaml</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+</code></pre>
+
+<p>Example (Minimal) Config Pool YAML</p>
+
+<pre class="code yaml"><code>certificate_authorities: {
+    test_ca: {
+        ca_cert: {
+            cert: 'test_ca.cer',
+            key: 'test_ca.key'
+        }
+    },
+    second_ca: {
+        ca_cert: {
+            cert: 'second_ca.cer',
+            key: 'second_ca.key'
+        }
+    }
+}
+</code></pre>
+
+<h3>CertificateAuthority</h3>
+
+<p>Sign a CSR</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:subject</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>CN</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>somedomain.com</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>O</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>My Org</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>L</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>City</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>ST</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>State</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>C</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>US</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span>
+    <span class='rbracket'>]</span>
+<span class='rparen'>)</span>
+<span class='comment'># assume config from yaml load above
+</span><span class='id identifier rubyid_ca'>ca</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>CertificateAuthority</span><span class='op'>::</span><span class='const'>Signer</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_config'>config</span><span class='rparen'>)</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='id identifier rubyid_ca'>ca</span><span class='period'>.</span><span class='id identifier rubyid_sign'>sign</span><span class='lparen'>(</span>
+    <span class='symbol'>:profile_name</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>server</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
+    <span class='symbol'>:csr</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_csr'>csr</span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<p>Override a CSR&#39;s subject or SAN names when signing</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_csr'>csr</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Csr</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
+    <span class='symbol'>:subject</span> <span class='op'>=&gt;</span> <span class='lbracket'>[</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>CN</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>somedomain.com</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>O</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>My Org</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>L</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>City</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>ST</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>State</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
+        <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>C</span><span class='tstring_end'>'</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>US</span><span class='tstring_end'>'</span></span><span class='rbracket'>]</span>
+    <span class='rbracket'>]</span>
+<span class='rparen'>)</span>
+<span class='id identifier rubyid_data_hash'>data_hash</span> <span class='op'>=</span> <span class='id identifier rubyid_csr'>csr</span><span class='period'>.</span><span class='id identifier rubyid_to_hash'>to_hash</span>
+<span class='id identifier rubyid_data_hash'>data_hash</span><span class='lbracket'>[</span><span class='symbol'>:san_names</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>sannames.com</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>domain2.com</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span>
+<span class='id identifier rubyid_data_hash'>data_hash</span><span class='lbracket'>[</span><span class='symbol'>:subject</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CN</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>newdomain.com</span><span class='tstring_end'>&quot;</span></span>
+<span class='id identifier rubyid_data_hash'>data_hash</span><span class='lbracket'>[</span><span class='symbol'>:subject</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>O</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Org 2.0</span><span class='tstring_end'>&quot;</span></span>
+<span class='comment'># assume config from yaml load above
+</span><span class='id identifier rubyid_ca'>ca</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>CertificateAuthority</span><span class='op'>::</span><span class='const'>Signer</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_config'>config</span><span class='rparen'>)</span>
+<span class='id identifier rubyid_cert'>cert</span> <span class='op'>=</span> <span class='id identifier rubyid_ca'>ca</span><span class='period'>.</span><span class='id identifier rubyid_sign'>sign</span><span class='lparen'>(</span>
+    <span class='symbol'>:profile_name</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>server</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
+    <span class='symbol'>:csr</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_csr'>csr</span><span class='comma'>,</span>
+    <span class='symbol'>:data_hash</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_data_hash'>data_hash</span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<h3>Load Hardware Engines</h3>
+
+<p>The engine you want to load must already be available to OpenSSL. How to compile/install OpenSSL engines is outside the scope of this document.</p>
+
+<pre class="code ruby"><code><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Engine</span><span class='period'>.</span><span class='id identifier rubyid_load'>load</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>engine_name</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_engine'>engine</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Engine</span><span class='period'>.</span><span class='id identifier rubyid_by_id'>by_id</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>engine_name</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+<span class='id identifier rubyid_key'>key</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>PrivateKey</span><span class='lparen'>(</span>
+    <span class='symbol'>:engine</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_engine'>engine</span><span class='comma'>,</span>
+    <span class='symbol'>:key_name</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>my_key_name</span><span class='tstring_end'>&quot;</span></span>
+<span class='rparen'>)</span>
+</code></pre>
+
+<p>You can then use this key for signing.</p>
+
+<h3>OID Mapping</h3>
+
+<p>Register one</p>
+
+<pre class="code ruby"><code><span class='const'>R509</span><span class='op'>::</span><span class='const'>OidMapper</span><span class='period'>.</span><span class='id identifier rubyid_register'>register</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>1.3.5.6.7.8.3.23.3</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>short_name</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>optional_long_name</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
+</code></pre>
+
+<p>Register in batch</p>
+
+<pre class="code ruby"><code><span class='const'>R509</span><span class='op'>::</span><span class='const'>OidMapper</span><span class='period'>.</span><span class='id identifier rubyid_batch_register'>batch_register</span><span class='lparen'>(</span><span class='lbracket'>[</span>
+    <span class='lbrace'>{</span><span class='symbol'>:oid</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>1.3.5.6.7.8.3.23.3</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='symbol'>:short_name</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>short_name</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='symbol'>:long_name</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>optional_long_name</span><span class='tstring_end'>&quot;</span></span><span class='rbrace'>}</span><span class='comma'>,</span>
+    <span class='lbrace'>{</span><span class='symbol'>:oid</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>1.3.5.6.7.8.3.23.5</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='symbol'>:short_name</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>another_name</span><span class='tstring_end'>&quot;</span></span><span class='rbrace'>}</span>
+<span class='rbracket'>]</span><span class='rparen'>)</span>
+</code></pre>
+
+<h2>Documentation</h2>
+
+<p>There is (relatively) complete documentation available for every method and class in r509 available via yardoc. If you installed via gem it should be pre-generated in the doc directory. If you cloned this repo, just type <code>rake yard</code> with the yard gem installed. You will also need the redcarpet and github-markup gems to properly parse the Readme.md.</p>
+
+<h2>Thanks to...</h2>
+
+<ul>
+<li><a href="https://github.com/sirsean">Sean Schulte</a></li>
+<li><a href="https://github.com/justfalter">Mike Ryan</a></li>
+</ul>
+
+<h2>License</h2>
+
+<p>See the LICENSE file. Licensed under the Apache 2.0 License.</p>
+
+<h1>YAML Config Options</h1>
+
+<p>r509 configs are nested hashes of key:values that define the behavior of each CA. See r509.yaml for a full example config.</p>
+
+<h2>ca_name</h2>
+
+<h3>ca_cert</h3>
+
+<p>This hash defines the certificate + key that will be used to sign for the ca_name. Depending on desired configuration various elements are optional. You can even supply just <strong>cert</strong> (for example, if you are using an ocsp_cert hash and only using the configured CA for OCSP responses)</p>
+
+<ul>
+<li>cert (cannot use with pkcs12)</li>
+<li>key (cannot use with key)</li>
+<li>engine (optional, cannot be used with key or pkcs12)</li>
+<li>key_name (required when using engine)</li>
+<li>pkcs12 (optional, cannot be used with key or cert)</li>
+<li>password (optional, used for pkcs12 or passworded private key)</li>
+</ul>
+
+<h3>ocsp_cert</h3>
+
+<p>This hash defines the certificate + key that will be used to sign for OCSP responses. OCSP responses cannot be directly created with r509, but require the ancillary gem <a href="https://github.com/reaperhulk/r509-ocsp-responder">r509-ocsp-responder</a>. This hash is optional and if not provided r509 will automatically use the ca_cert as the OCSP certificate.</p>
+
+<ul>
+<li>cert (cannot use with pkcs12)</li>
+<li>key (cannot use with key)</li>
+<li>engine (optional, cannot be used with key or pkcs12)</li>
+<li>key_name (required when using engine)</li>
+<li>pkcs12 (optional, cannot be used with key or cert)</li>
+<li>password (optional, used for pkcs12 or passworded private key)</li>
+</ul>
+
+<h3>cdp_location</h3>
+
+<p>The CRL distribution point for certificates issued from this CA.</p>
+
+<p>Example: &#39;URI:<a href="http://crl.r509.org/myca.crl">http://crl.r509.org/myca.crl</a>&#39;</p>
+
+<h3>crl_list</h3>
+
+<p>The path on the filesystem of the list of revoked certificates for this CA.</p>
+
+<p>Example: &#39;/path/to/my_ca_crl_list.txt&#39;</p>
+
+<h3>crl_number</h3>
+
+<p>The path on the filesystem of the current CRL number for this CA.</p>
+
+<p>Example: &#39;/path/to/my_ca_crl_number.txt&#39;</p>
+
+<h3>crl_validity_hours</h3>
+
+<p>Integer hours for CRL validity.</p>
+
+<h3>ocsp_location</h3>
+
+<p>The OCSP AIA extension value for certificates issued from this CA.</p>
+
+<p>Example: &#39;URI:<a href="http://ocsp.r509.org">http://ocsp.r509.org</a>&#39;</p>
+
+<h3>ocsp_chain</h3>
+
+<p>An optional path to a concatenated text file of PEMs that should be attached to OCSP responses</p>
+
+<h3>ocsp_validity_hours</h3>
+
+<p>Integer hours for OCSP response validity.</p>
+
+<h3>ocsp_start_skew_seconds</h3>
+
+<p>Integer seconds to skew back the &quot;thisUpdate&quot; field. This prevents issues where the OCSP responder signs a response and the client rejects it because the response is &quot;not yet valid&quot; due to slight clock synchronization problems.</p>
+
+<h3>message_digest</h3>
+
+<p>String value of the message digest to use for signing (both CRL and certificates). Allowed values are:</p>
+
+<ul>
+<li>SHA1 (default)</li>
+<li>SHA256</li>
+<li>SHA512</li>
+<li>MD5 (Don&#39;t use this unless you have a really, really good reason. Even then, you shouldn&#39;t)</li>
+</ul>
+
+<h3>profiles</h3>
+
+<p>Each CA can have an arbitrary number of issuance profiles (with arbitrary names). For example, a CA named <strong>test_ca</strong> might have 3 issuance profiles: server, email, clientserver. Each of these profiles then has a set of options that define the encoded data in the certificate for that profile. If no profiles are defined the root cannot issue certs, but can still issue CRLs.</p>
+
+<h4>basic_constraints</h4>
+
+<p>All basic constraints are encoded with the critical bit set to true. In general you should only pass &quot;CA:TRUE&quot; (for an issuing CA) or &quot;CA:FALSE&quot; for everything else with this flag.</p>
+
+<h4>key_usage</h4>
+
+<p>An array of strings that conform to the OpenSSL naming scheme for available key usage OIDs. TODO: Document whether arbitrary OIDs can be passed here.</p>
+
+<ul>
+<li>digitalSignature</li>
+<li>nonRepudiation</li>
+<li>keyEncipherment</li>
+<li>dataEncipherment</li>
+<li>keyAgreement</li>
+<li>keyCertSign</li>
+<li>cRLSign</li>
+<li>encipherOnly</li>
+<li>decipherOnly</li>
+</ul>
+
+<h4>extended_key_usage</h4>
+
+<p>An array of strings that conform to the OpenSSL naming scheme for available EKU OIDs. The following list of allowed shortnames is taken from the OpenSSL docs. Depending on your OpenSSL version there may be more than this list.</p>
+
+<ul>
+<li>serverAuth</li>
+<li>clientAuth</li>
+<li>codeSigning</li>
+<li>emailProtection</li>
+<li>OCSPSigning</li>
+<li>timeStamping</li>
+<li>msCodeInd</li>
+<li>msCodeCom</li>
+<li>msCTLSign</li>
+<li>msSGC</li>
+<li>msEFS</li>
+<li>nsSGC</li>
+</ul>
+
+<h4>certificate_policies</h4>
+
+<p>An array of arrays containing policy identifiers and CPS URIs. For example:</p>
+
+<pre class="code yaml"><code>[ [ &quot;policyIdentifier=2.16.840.1.9999999.1.2.3.4.2&quot;,&quot;CPS.1=http://r509.org/cps&quot; ] ]
+</code></pre>
+
+<p>or</p>
+
+<pre class="code yaml"><code>[ [&quot;policyIdentifier=2.16.840.1.999999.0&quot;], [ &quot;policyIdentifier=2.16.840.1.9999999.1.2.3.4.2&quot;,&quot;CPS.1=http://r509.org/cps&quot; ] ]
+</code></pre>
+
+<h4>subject_item_policy</h4>
+
+<p>Hash of required/optional subject items. These must be in OpenSSL shortname format. If subject_item_policy is excluded from the profile then all subject items will be used. If it is included, <strong>only items listed in the policy will be copied to the certificate</strong>.
+Example:</p>
+
+<pre class="code yaml"><code>CN : &quot;required&quot;,
+O: &quot;required&quot;,
+OU: &quot;optional&quot;,
+ST: &quot;required&quot;,
+C: &quot;required&quot;,
+L: &quot;required&quot;,
+emailAddress: &quot;optional&quot;
+</code></pre>
+
+<p>If you use the R509::OidMapper you can create new shortnames that are allowed within this directive.</p>
+</div></div>
+
+    <div id="footer">
+  Generated on Tue Oct 23 22:48:01 2012 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.8.0 (ruby-1.9.3).
+</div>
+
+  </body>
+</html>