

Set up your own Ruby-powered Certificate Authority - pennig
http://langui.sh/2012/11/02/building-a-ca-r509-howto/

======
tptacek
You can also do this with OpenSSL's x509 code; we have a 50 line Ruby function
that mints new validly-signed signatures from a CA=YES signature generated by
the OpenSSL command line tools.

~~~
reaperhulk
Absolutely. r509 (which this tutorial uses) is fundamentally a wrapper around
the OpenSSL bindings of Ruby. It doesn't do anything that you can't do without
it; it just tries to present certificate generation/revocation/management in a
simpler manner.

This is most evident in the OCSP responder, which leverages sections of the
Ruby OpenSSL code that have...limited documentation (see: [http://www.ruby-
doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/Ope...](http://www.ruby-
doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/OCSP/BasicResponse.html))

