ruby - 如何使用 Ruby 将 ASN1::DEROctetStrng 转换为 ASN1::ASN1Sequence?
问题描述
我正在尝试将自签名证书生成pem
格式。下面是应该执行此操作的一段代码。
require 'openssl'
require 'r509'
rsa_key = OpenSSL::PKey::RSA.new(1024)
public_key = rsa_key.public_key
subject = "CN=test_host, OU=test_ou, O=test_o, DC=test_dc, DC=test_com"
cert = OpenSSL::X509::Certificate.new
cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
cert.not_before = Time.now
cert.not_after = Time.now + 365 * 24 * 60 * 60
cert.public_key = public_key
cert.serial = 0x0
cert.version = 2
ef = OpenSSL::X509::ExtensionFactory.new
ef.subject_certificate = cert
ef.issuer_certificate = cert
cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always")
cert.add_extension ef.create_extension("keyUsage", "digitalSignature,keyEncipherment", true)
cert.add_extension ef.create_extension("subjectAltName", "DNS:test_host")
cert.add_extension(ef.create_extension("certificatePolicies","1.3.6.1.4.1.41519.1.1"))
cert.sign rsa_key, OpenSSL::Digest::SHA256.new
cert.to_pem
File.write("test_self_cert.pem", cert.to_pem.to_s)
我运行它pry
,一切正常。它生成了证书,但是当我打开它Portecle
来验证它时extensions
,Certificate policies
抛出了以下错误:java.lang.ClassCastException: org.bouncycastle.asn1.DEROctetString cannot be cast to org.bouncycastle.asn1.ASN1Sequence
. 下面我附上截图以供参考。我现在被困住了,很欣赏这方面的任何方向。
解决方案
推荐阅读
- visual-studio-code - 文件在当前文件夹中关闭并显示在工作区文件夹中
- python - 模块“networkx”没有属性“from_pandas_edgelist”
- javascript - Lambda 返回 200 和空对象,不等待回调触发
- amazon-web-services - AWS Lambda 函数返回 Runtime.HandlerNotFound 错误
- memory-management - dask.submit:调度程序中的内存/负载分配不足
- javascript - Json 递归函数,用于过滤并以请求的精确形式返回对象
- backup - Scaleway GLACIER 类对象存储与 restic
- scala - spark executor scala parArray 合并返回值
- c - 差异
/ 对比 / - c++ - 将派生类的构造函数声明为父类的友元