the two halves of my tasty brain

OpenSSL - Brief Notes

When setting up OpenSSL validation in Ruby, I ran into a few issues. I’ll revisit this post later, but for my own memory, here’s the big one:

Use the openssl command that matches the version that Ruby was built against. This isn’t a big issue for the most part, but the c_rehash command which creates symlinks to certs based on a hash relies on different hashing techniques in OpenSSL 0.9.x and 1.x

Also, migrating keys between openssl and Java’s keytool is a lot like having teeth pulled but without the novocaine and prescription pain killers afterward.

Some links that were useful in this whole process:

As anyone who has done any SSL work in Ruby knows, Ruby’s OpenSSL Docs suck, but as I am not doing anything to directly improve them, I suppose bitching is rather pointless.