Class: R509::Cert::Extensions::SubjectAlternativeName

Inherits:
OpenSSL::X509::Extension
  • Object
show all
Includes:
GeneralNamesMixin, ValidationMixin
Defined in:
lib/r509/cert/extensions/subject_alternative_name.rb

Overview

RFC 5280 Description (see: www.ietf.org/rfc/rfc5280.txt)

The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate. Defined options include an Internet electronic mail address, a DNS name, an IP address, and a Uniform Resource Identifier (URI). Other options exist, including completely local definitions. Multiple name forms, and multiple instances of each name form, MAY be included. Whenever such identities are to be bound into a certificate, the subject alternative name (or issuer alternative name) extension MUST be used; however, a DNS name MAY also be represented in the subject field using the domainComponent attribute as described in Section 4.1.2.4. Note that where such names are represented in the subject field implementations are not required to convert them into DNS names.

You can use this extension to parse an existing extension for easy access to the contents or create a new one.

Constant Summary

OID =

friendly name for SAN OID

"subjectAltName"

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (SubjectAlternativeName) initialize(arg)

This method takes a hash or an existing Extension object to parse

Parameters:

  • arg (Hash)

    a customizable set of options

Options Hash (arg):

  • :value (Array, R509::ASN1::GeneralNames)

    If you supply an Array it must contain hashes in the standard GeneralName format (:type and :value). You can also pass a pre-existing GeneralNames object

  • :critical (Boolean) — default: false 


43
44
45
46
47
48
49
 
# File 'lib/r509/cert/extensions/subject_alternative_name.rb', line 43

def initialize(arg)
  if not R509::Cert::Extensions.is_extension?(arg)
    arg = build_extension(arg)
  end
  super(arg)
  parse_extension
end

Instance Attribute Details

- (R509::ASN1::GeneralNames) general_names (readonly)

Returns:



35
36
37
 
# File 'lib/r509/cert/extensions/subject_alternative_name.rb', line 35

def general_names
  @general_names
end

Instance Method Details

- (Array<R509::Subject>) directory_names Also known as: dir_names Originally defined in module GeneralNamesMixin

Directory names

Returns:

- (Array<String>) dns_names Originally defined in module GeneralNamesMixin

DNS names

Returns:

  • (Array<String>)

    DNS names

- (Array<String>) ip_addresses Also known as: ips Originally defined in module GeneralNamesMixin

IP addresses. They will be formatted as strings (dotted quad with optional netmask for IPv4 and colon-hexadecimal with optional netmask for IPv6

Returns:

  • (Array<String>)

    IP addresses. They will be formatted as strings (dotted quad with optional netmask for IPv4 and colon-hexadecimal with optional netmask for IPv6

- (Array) names Originally defined in module GeneralNamesMixin

Array of GeneralName objects preserving order found in the extension

Returns:

  • (Array)

    array of GeneralName objects preserving order found in the extension

- (Array<String>) rfc_822_names Also known as: email_names Originally defined in module GeneralNamesMixin

Email addresses

Returns:

  • (Array<String>)

    email addresses

- (Hash) to_h

Returns:

  • (Hash) 


52
53
54
 
# File 'lib/r509/cert/extensions/subject_alternative_name.rb', line 52

def to_h
  {:critical => self.critical?, :value => @general_names.to_h }
end

- (YAML) to_yaml

Returns:

  • (YAML) 


57
58
59
 
# File 'lib/r509/cert/extensions/subject_alternative_name.rb', line 57

def to_yaml
  self.to_h.to_yaml
end

- (Array<String>) uris Originally defined in module GeneralNamesMixin

URIs (not typically found in SAN extensions)

Returns:

  • (Array<String>)

    URIs (not typically found in SAN extensions)