Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Convert to normal certificate when I pass the chain certificate string. #496

Closed
SystemBack opened this issue Feb 18, 2022 · 11 comments
Closed

Convert to normal certificate when I pass the chain certificate string. #496

SystemBack opened this issue Feb 18, 2022 · 11 comments

Comments

@SystemBack
Copy link

SystemBack commented Feb 18, 2022
edited
Loading

I tried to convert a string certificate chain to OpenSSL::X509::Certificate but when I pass the string as a parameter the Class Certificate convert it to the normal certificate for example:

chain = "-----BEGIN CERTIFICATE-----
Root certificate
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Intermediate certificate
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Doman certificate
-----END CERTIFICATE-----"
crt = OpenSSL::X509::Certificate.new chain # in this case the crt is an Object of Certificate but just with the root certificate, not as the chain certificate
@ioquatix
Copy link
Member

I believe we merged a PR to address this problem, let me check.

@ioquatix
Copy link
Member

Looks like it was applied and then reverted.

#325

@ioquatix
Copy link
Member

I'm mistaken, it was applied, and the method to use is OpenSSL::X509::Certificate.load or load_file.

@SystemBack
Copy link
Author

SystemBack commented Feb 19, 2022
edited
Loading

I don't know if is my version of OpenSSL but the method that you mention is not available on my code 😢 @ioquatix
image

@ioquatix
Copy link
Member

What version of Ruby are you using?

@SystemBack
Copy link
Author

SystemBack commented Feb 19, 2022
edited
Loading

What version of Ruby are you using?

The version is 3.0.2 @ioquatix 🤔

@ioquatix
Copy link
Member

Can you try 3.1.1

@SystemBack
Copy link
Author

Can you try 3.1.1

I have a little question, could I just update the ruby gem? Cuz I am working in a big company, and maybe is not possible migrate to a new version of ruby since we need to check a lot of possible inconvenience during the migration 🤔

@rhenium
Copy link
Member

rhenium commented Feb 19, 2022

I'm mistaken, it was applied, and the method to use is OpenSSL::X509::Certificate.load or load_file.

Yes. #441 added these for this exact purpose, and they are part of openssl gem 3.0.0.

Ruby 3.1 is the first version to include the gem version 3.0.x by default.

openssl gem 3.0 is compatible with Ruby 2.6 and later. You can explicitly include gem "openssl" in your Gemfile.

@rhenium rhenium closed this as completed Feb 19, 2022
@SystemBack
Copy link
Author

Hi @ioquatix and @rhenium just a little question about this, and let me know if I am wrong but, the certificate chain that OpenSSL returns is an Array of Certificate Objects or it should be returns just one Certificate Object?

@ioquatix
Copy link
Member

It should be an array.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ioquatix @rhenium @SystemBack