aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKazuki Yamaguchi <k@rhe.jp>2015-12-18 11:02:18 +0900
committerKazuki Yamaguchi <k@rhe.jp>2015-12-18 11:02:18 +0900
commit11175ba2dccac382ad1721cc09cf36b9d799a98e (patch)
tree53e28a0490352129f17ce6c03c29c8800dfc8ac6
parenta9ed5f5df99050e3551331be95ef18f0ec5a840f (diff)
downloadplum-11175ba2dccac382ad1721cc09cf36b9d799a98e.tar.gz
rack: tls_session: generate dummy cert with SHA-256
Diffstat
-rw-r--r--lib/plum/rack/listener.rb9
1 files changed, 4 insertions, 5 deletions
diff --git a/lib/plum/rack/listener.rb b/lib/plum/rack/listener.rb
index 881a18a..4b8fd45 100644
--- a/lib/plum/rack/listener.rb
+++ b/lib/plum/rack/listener.rb
@@ -69,14 +69,14 @@ module Plum
end
def plum(sock)
- raise ::Plum::LegacyHTTPError.new("client doesn't offered h2 with ALPN", nil) unless sock.alpn_protocol == "h2"
+ raise ::Plum::LegacyHTTPError.new("client didn't offer h2 with ALPN", nil) unless sock.alpn_protocol == "h2"
::Plum::ServerConnection.new(sock.method(:write))
end
private
# returns: [cert, key]
def dummy_key
- puts "WARNING: Generating new dummy certificate..."
+ STDERR.puts "WARNING: Generating new dummy certificate..."
key = OpenSSL::PKey::RSA.new(2048)
cert = OpenSSL::X509::Certificate.new
@@ -93,10 +93,9 @@ module Plum
cert.extensions = [
ef.create_extension("basicConstraints", "CA:TRUE", true),
ef.create_extension("subjectKeyIdentifier", "hash"),
+ ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")
]
- cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")
-
- cert.sign key, OpenSSL::Digest::SHA1.new
+ cert.sign(key, OpenSSL::Digest::SHA256.new)
[cert.to_s, key.to_s]
end
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-28 09:47:39 +0000