Creates a new SSL context.
If an argument is given, ssl_version= is called with the value. Note that this form is deprecated. New applications should use min_version= and max_version= as necessary.
Creates a new SSL socket from io, which must be a real IO object (not an IO-like object that responds to read/write).
If ctx is provided, the SSL socket's initial params will be taken from the context.
The OpenSSL::Buffering module provides additional IO methods.
This method will freeze the SSLContext if one is provided; however, session management is still allowed in the frozen SSLContext.
Creates a new instance of SSLServer.
srv is an instance of TCPServer.
ctx is an instance of OpenSSL::SSL::SSLContext.
Creates an X509 extension.
The extension may be created from der data or from an extension oid and value. The oid may be either an OID or an extension name. If critical is true, the extension is marked critical.
Creates a new Name.
A name may be created from a DER encoded string der, an Array representing a distinguished_name, or a distinguished_name along with a template.
  name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]
  name = OpenSSL::X509::Name.new name.to_der
See add_entry for a description of the distinguished_name Array's contents.
Sets up a StoreContext for a verification of the X.509 certificate cert.
value: Please have a look at Constructive and Primitive to see how Ruby types are mapped to ASN.1 types and vice versa.
tag: An Integer indicating the tag number.
tag_class: A Symbol indicating the tag class. See ASN1 for possible values.
  asn1_int = OpenSSL::ASN1Data.new(42, 2, :UNIVERSAL) # => Same as OpenSSL::ASN1::Integer.new(42)
  tagged_int = OpenSSL::ASN1Data.new(42, 0, :CONTEXT_SPECIFIC) # implicitly 0-tagged INTEGER
value: is mandatory.
tag: optional, may be specified for tagged values. If no tag is specified, the UNIVERSAL tag corresponding to the Primitive sub-class is used by default.
tagging: may be used as an encoding hint to encode a value either explicitly or implicitly, see ASN1 for possible values.
tag_class: if tag and tagging are nil then this is set to :UNIVERSAL by default. If either tag or tagging are set then :CONTEXT_SPECIFIC is used as the default. See ASN1 for possible values.
  int = OpenSSL::ASN1::Integer.new(42)
  zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT)
  private_explicit_zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE)
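The tagging and tag_class defaults described above change the bytes on the wire and what a generic decoder can recover. The following is an added example, not part of the original documentation; the helper names hex, tagging_encodings and describe are hypothetical.

```ruby
require 'openssl'

# Hex dump of a DER string, e.g. "02 01 2a".
def hex(der)
  der.unpack1('H*').scan(/../).join(' ')
end

# Encode the INTEGER 42 under each tagging mode the constructor accepts.
def tagging_encodings
  {
    universal:        OpenSSL::ASN1::Integer.new(42),
    implicit:         OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT),
    explicit:         OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT),
    private_explicit: OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE)
  }.transform_values { |obj| hex(obj.to_der) }
end

# Decode a DER string and report what the generic decoder recovered.
def describe(der)
  obj = OpenSSL::ASN1.decode(der)
  # EXPLICIT wraps the original TLV, so the inner INTEGER is still present.
  # IMPLICIT replaces the INTEGER header, so only raw content bytes remain
  # and the caller must already know the intended type to interpret them.
  value = obj.value.is_a?(Array) ? obj.value.first.value : obj.value
  value = value.to_i if value.is_a?(OpenSSL::BN)
  { klass: obj.class, tag: obj.tag, tag_class: obj.tag_class, value: value }
end

if __FILE__ == $PROGRAM_NAME
  tagging_encodings.each { |mode, der| puts format('%-17s %s', mode, der) }
  p describe(OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT).to_der)
  p describe(OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT).to_der)
end
```

A parser that receives implicitly tagged fields should check tag and tag_class against the expected schema before interpreting the raw bytes, since the type information is not carried in the encoding.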
request - optional raw request, either in PEM or DER format.
Creates a new OpenSSL::OCSP::Request. The request may be created empty or from a request_der string.
Creates a new OpenSSL::OCSP::Response. The response may be created empty or from a response_der string.
Creates a new BasicResponse. If der_string is given, decodes der_string as DER.
Creates a new SingleResponse from der_string.
Creates a new OpenSSL::OCSP::CertificateId for the given subject and issuer X509 certificates. The digest is a digest algorithm that is used to compute the hash values. This defaults to SHA-1.
If only one argument is given, decodes it as DER representation of a certificate ID or generates certificate ID from the object that responds to the to_der method.
Because PKey is an abstract class, actually calling this method explicitly will raise a NotImplementedError.