IO::Socket::SSL::Utils -- loading, storing, creating certificates and keys
use IO::Socket::SSL::Utils; my $cert = PEM_file2cert('cert.pem'); my $string = PEM_cert2string($cert); CERT_free($cert); my $key = KEY_create_rsa(2048); PEM_string2file($key); KEY_free($key);
This module provides various utility functions to work with certificates and private keys, shielding some of the complexity of the underlying Net::SSLeay and OpenSSL.
Functions converting between string or file and certificates and keys. They croak if the operation cannot be completed.
Functions for cleaning up. Each loaded or created cert and key must be freed to not leak memory.
KEY_create_rsa(bits) -> key
Creates an RSA key pair, bits defaults to 2048.
CERT_asHash(cert) -> hash
Extracts the information from the certificate into a hash:
The serial number
Certificate version, usually 2 (x509v3)
Hash with the parts of the subject, e.g. commonName, countryName, organizationName, stateOrProvinceName, localityName.
Array with list of alternative names. Each entry in the list is of [type,value], where type can be OTHERNAME, EMAIL, DNS, X400, DIRNAME, EDIPARTY, URI, IP or RID.
[type,value]
type
The time frame, where the certificate is valid, as time_t, e.g. can be converted with localtime or similar functions.
CERT_create(hash) -> (cert,key)
Creates a certificate based on the given hash. If the issuer is not specified the certificate will be self-signed. Additionally to the information described in CERT_asHash the following keys can be given:
CERT_asHash
if true declare certificate as CA, defaults to false
use given key as key for certificate, otherwise a new one will be generated and returned
set issuer for new certificate
sign new certificate with given key
Instead of giving issuer_key and issuer_cert as seperate arguments they can be given both together.
specify the algorithm used to sign the certificate, default SHA-256.
If not all necessary information are given some will have usable defaults, e.g.
Steffen Ullrich
To install IO::Socket::SSL, copy and paste the appropriate command in to your terminal.
cpanm
cpanm IO::Socket::SSL
CPAN shell
perl -MCPAN -e shell install IO::Socket::SSL
For more information on module installation, please visit the detailed CPAN module installation guide.