IO::Socket::SSL::Utils(3)  User Contributed Perl Documentation  IO::Socket::SSL::Utils(3)
NAME
IO::Socket::SSL::Utils -- loading, storing, creating certificates and
keys
SYNOPSIS
use IO::Socket::SSL::Utils;
my $cert = PEM_file2cert('cert.pem');
my $string = PEM_cert2string($cert);
CERT_free($cert);
my $key = KEY_create_rsa(2048);
PEM_key2file($key, 'key.pem');
KEY_free($key);
DESCRIPTION
This module provides various utility functions to work with
certificates and private keys, shielding some of the complexity of the
underlying Net::SSLeay and OpenSSL.
FUNCTIONS
o Functions converting between string or file and certificates and
keys. They croak if the operation cannot be completed.
PEM_file2cert(file) -> cert
PEM_cert2file(cert,file)
PEM_string2cert(string) -> cert
PEM_cert2string(cert) -> string
PEM_file2key(file) -> key
PEM_key2file(key,file)
PEM_string2key(string) -> key
PEM_key2string(key) -> string
o Functions for cleaning up. Each loaded or created cert and key
must be freed to avoid leaking memory.
CERT_free(cert)
KEY_free(key)
o KEY_create_rsa(bits) -> key
Creates an RSA key pair; bits defaults to 1024.
o CERT_asHash(cert) -> hash
Extracts the information from the certificate into a hash:
serial
    The serial number
version
    Certificate version, usually 2 (x509v3)
subject
    Hash with the parts of the subject, e.g. commonName,
    countryName, organizationName, stateOrProvinceName,
    localityName.
subjectAltNames
    Array with list of alternative names. Each entry in the
    list has the form "[type,value]", where "type" can be OTHERNAME,
    EMAIL, DNS, X400, DIRNAME, EDIPARTY, URI, IP or RID.
not_before, not_after
    The time frame in which the certificate is valid, as time_t
    values, which can be converted with localtime or similar
    functions.
o CERT_create(hash) -> cert
Creates a certificate based on the given hash. In addition to the
information described in "CERT_asHash", the following keys can be
given:
CA true|false
    if true declare certificate as CA, defaults to false
key key
    use given key as key for certificate, otherwise a new one
    will be generated
issuer_cert cert
    set issuer for new certificate
issuer_key key
    sign new certificate with given key
If not all necessary information is given, some fields will have
usable defaults, e.g.
    not_before defaults to the current time
    not_after defaults to 365 days in the future
    subject has a default pointing to IO::Socket::SSL
    version defaults to 2 (x509v3)
    serial will be a random number
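The functions above combined into one flow, as an added example that is not part of the module's own documentation: a test CA signs a short-lived leaf certificate, which is then inspected, stored, reloaded and freed. Subject names, lifetime and file names are constructed sample values; taking the first return value of CERT_create by list assignment and treating the CERT_asHash result as a hash reference are assumptions.

```perl
use strict;
use warnings;
use File::Temp qw(tempdir);
use IO::Socket::SSL::Utils;

# Constructed sample values: subjects, names and lifetimes are illustrative.
my $ca_key = KEY_create_rsa(2048);     # explicit size instead of the 1024 default
my ($ca_cert) = CERT_create(           # assumption: first return value is the cert
    CA      => 1,
    key     => $ca_key,
    subject => { commonName => 'Example Test CA' },
);

my $leaf_key = KEY_create_rsa(2048);
my ($leaf_cert) = CERT_create(
    key             => $leaf_key,
    subject         => { commonName => 'www.example.test' },
    subjectAltNames => [ [ DNS => 'www.example.test' ],
                         [ DNS => 'api.example.test' ] ],
    not_after       => time() + 30 * 86400,   # 30 days instead of the 365 default
    issuer_cert     => $ca_cert,
    issuer_key      => $ca_key,
);

# Read the result back; assumes CERT_asHash returns a hash reference.
my $info = CERT_asHash($leaf_cert);
printf "subject CN : %s\n", $info->{subject}{commonName};
printf "valid until: %s\n", scalar localtime $info->{not_after};
printf "SAN        : %s=%s\n", @$_ for @{ $info->{subjectAltNames} || [] };

# The private key is written as PEM text, so restrict the file to its owner.
my $dir       = tempdir(CLEANUP => 1);
my $old_umask = umask 077;
PEM_key2file($leaf_key, "$dir/leaf-key.pem");
umask $old_umask;
PEM_cert2file($leaf_cert, "$dir/leaf-cert.pem");
PEM_cert2file($ca_cert,   "$dir/ca-cert.pem");

# Round trip: the stored certificate loads back with the same serial.
my $reloaded = PEM_file2cert("$dir/leaf-cert.pem");
die "serial mismatch\n"
    unless CERT_asHash($reloaded)->{serial} eq $info->{serial};

# Every loaded or created object must be freed explicitly.
CERT_free($_) for $reloaded, $leaf_cert, $ca_cert;
KEY_free($_)  for $leaf_key, $ca_key;
```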
AUTHOR
Steffen Ullrich
perl v5.16.3 2018-04-10 IO::Socket::SSL::Utils(3)