相关疑难解决方法(0)

使用Ruby中的SSLServer验证客户端证书

下面是我用来设置服务器的代码:

require 'socket'
require 'openssl'

socket = TCPServer.new('127.0.0.1', 4433)

ssl_context = OpenSSL::SSL::SSLContext.new()
ssl_context.cert = OpenSSL::X509::Certificate.new(File.open("ssl/server/server.crt"))
ssl_context.key = OpenSSL::PKey::RSA.new(File.open("ssl/server/server.key"))

ca_cert = OpenSSL::X509::Certificate.new(File.open("ssl/ca/ca.crt"))

ssl_socket = OpenSSL::SSL::SSLServer.new(socket, ssl_context)

Thread.start(ssl_socket.accept) do |s|
    puts "Connected to #{s.peeraddr.last}"

    if s.peer_cert.verify(ca_cert.public_key)
        puts "Certificate verified"
    else
        puts "Certificate invalid"
    end
end

Run Code Online (Sandbox Code Playgroud)

和客户:

require 'socket'
require 'openssl'

socket = TCPSocket.new('127.0.0.1', 4433)

ssl_context = OpenSSL::SSL::SSLContext.new
ssl_context.cert = OpenSSL::X509::Certificate.new(File.open("ssl/client1/client1.crt"))
ssl_context.key = OpenSSL::PKey::RSA.new(File.open("ssl/client1/client1.key"))

ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)

ca_cert = OpenSSL::X509::Certificate.new(File.open("ssl/ca/ca.crt"))

ssl_socket.connect

if ssl_socket.peer_cert.verify(ca_cert.public_key)
    puts "Certificate checks out"
else
    puts "Certificate not verified" …

Run Code Online (Sandbox Code Playgroud)

ruby ssl client certificate

chr*_*mon

lucky-day

9
推荐指数

1
解决办法

3457
查看次数

标签统计

certificate ×1

client ×1

ruby ×1

ssl ×1

使用Ruby中的SSLServer验证客户端证书

标签 统计

标签统计