1#!/usr/bin/env ruby 2 3require 'optparse' 4require 'openssl' 5 6include OpenSSL 7 8def usage 9 myname = File::basename($0) 10 $stderr.puts <<EOS 11Usage: #{myname} [--key keypair_file] name 12 name ... ex. /C=JP/O=RRR/OU=CA/CN=NaHi/emailAddress=nahi@example.org 13EOS 14 exit 15end 16 17options = ARGV.getopts(nil, "key:", "csrout:", "keyout:") 18keypair_file = options["key"] 19csrout = options["csrout"] || "csr.pem" 20keyout = options["keyout"] || "keypair.pem" 21 22$stdout.sync = true 23name_str = ARGV.shift or usage() 24name = X509::Name.parse(name_str) 25 26keypair = nil 27if keypair_file 28 keypair = PKey::RSA.new(File.open(keypair_file).read) 29else 30 keypair = PKey::RSA.new(1024) { putc "." } 31 puts 32 puts "Writing #{keyout}..." 33 File.open(keyout, "w", 0400) do |f| 34 f << keypair.to_pem 35 end 36end 37 38puts "Generating CSR for #{name_str}" 39 40req = X509::Request.new 41req.version = 0 42req.subject = name 43req.public_key = keypair.public_key 44req.sign(keypair, Digest::MD5.new) 45 46puts "Writing #{csrout}..." 47File.open(csrout, "w") do |f| 48 f << req.to_pem 49end 50puts req.to_text 51puts req.to_pem 52