IO::Socket::SSL::Utils -- loading, storing, creating certificates and keys
use IO::Socket::SSL::Utils; my $cert = PEM_file2cert('cert.pem'); my $string = PEM_cert2string($cert); CERT_free($cert); my $key = KEY_create_rsa(2048); PEM_string2file($key); KEY_free($key);
This module provides various utility functions to work with certificates and private keys, shielding some of the complexity of the underlying Net::SSLeay and OpenSSL.
Creates an RSA key pair, bits defaults to 2048.
Extracts the information from the certificate into a hash:
The serial number
Certificate version, usually 2 (x509v3)
Hash with the parts of the subject, e.g. commonName, countryName, organizationName, stateOrProvinceName, localityName.
Array with list of alternative names. Each entry in the list is of
type can be OTHERNAME, EMAIL, DNS, X400, DIRNAME, EDIPARTY, URI, IP or RID.
The time frame, where the certificate is valid, as time_t, e.g. can be converted with localtime or similar functions.
Creates a certificate based on the given hash. If the issuer is not specified the certificate will be self-signed. Additionally to the information described in
CERT_asHash the following keys can be given:
if true declare certificate as CA, defaults to false
use given key as key for certificate, otherwise a new one will be generated and returned
set issuer for new certificate
sign new certificate with given key
Instead of giving issuer_key and issuer_cert as seperate arguments they can be given both together.
specify the algorithm used to sign the certificate, default SHA-256.
If not all necessary information are given some will have usable defaults, e.g.