= CertificateAuthority - Because it shouldn't be this damned complicated

This is meant to provide a programmer-friendly implementation of all the basic functionality contained in RFC-3280 to implement your own certificate authority.

You can generate root certificates, intermediate certificates, and terminal certificates.  You can also generate/manage Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) messages.

Because this library is built using the native Ruby bindings for OpenSSL it also supports PKCS#11 cryptographic hardware for secure maintenance of private key materials.

= The important parts
Coming soon.

= Examples

== Creating a self-signed certificate/root (probably what you want)

	require 'certificate_authority'
	root = CertificateAuthority::Certificate.new
	root.subject.common_name "http://mydomain.com"
	root.key_material.generate_key
	root.signing_entity = true
	root.sign!
	
== Creating an intermediate certificate (much less common use-case)

	require 'certificate_authority'
	root = CertificateAuthority::Certificate.new
	root.subject.common_name "My snazzy root!"
	root.key_material.generate_key
	root.signing_entity = true
	root.sign!
	
	intermediate = CertificateAuthority::Certificate.new
	intermediate.subject.common_name "My snazzy intermediate!"
	intermediate.key_material.generate_key
	intermediate.signing_entity = true
	intermediate.parent = root
	intermediate.sign!
	
== Creating a terminal (non-signing) cert

  require 'certificate_authority'
	plain_cert = CertificateAuthority::Certificate.new
	plain_cert.subject.common_name "http://mydomain.com"
	plain_cert.key_material.generate_key
	plain_cert.parent = root # or intermediate
	plain_cert.sign!
	
== Getting the certificate body

	...
	certificate.sign!
  certificate.to_pem # <= Returns a PEM formatted string of your certificate
  certificate.key_material.private_key.to_pem # <= If you need the private key (and it's in memory)

= Coming Soon

* More PKCS#11 hardware (I need driver support from the manufacturers)
* Configurable V3 extensions for all the extended functionality

== Meta

Written by Chris Chandler(http://chrischandler.name) of Flatterline(http://flatterline.com)

Released under the MIT License: http://www.opensource.org/licenses/mit-license.php

Main page: http://github.com/cchandler/certificateauthority

Issue tracking: https://github.com/cchandler/certificateauthority/issues