1IO::Socket::SSL::Utils(U3s)er Contributed Perl DocumentatIiOo:n:Socket::SSL::Utils(3)
2
3
4

NAME

6       IO::Socket::SSL::Utils -- loading, storing, creating certificates and
7       keys
8

SYNOPSIS

10           use IO::Socket::SSL::Utils;
11           my $cert = PEM_file2cert('cert.pem');
12           my $string = PEM_cert2string($cert);
13           CERT_free($cert);
14
15           my $key = KEY_create_rsa(2048);
16           PEM_string2file($key);
17           KEY_free($key);
18

DESCRIPTION

20       This module provides various utility functions to work with
21       certificates and private keys, shielding some of the complexity of the
22       underlying Net::SSLeay and OpenSSL.
23

FUNCTIONS

25       ·   Functions converting between string or file and certificates and
26           keys.  They croak if the operation cannot be completed.
27
28           PEM_file2cert(file) -> cert
29           PEM_cert2file(cert,file)
30           PEM_string2cert(string) -> cert
31           PEM_cert2string(cert) -> string
32           PEM_file2key(file) -> key
33           PEM_key2file(key,file)
34           PEM_string2key(string) -> key
35           PEM_key2string(key) -> string
36       ·   Functions for cleaning up.  Each loaded or created cert and key
37           must be freed to not leak memory.
38
39           CERT_free(cert)
40           KEY_free(key)
41       ·   KEY_create_rsa(bits) -> key
42
43           Creates an RSA key pair, bits defaults to 1024.
44
45       ·   CERT_asHash(cert) -> hash
46
47           Extracts the information from the certificate into a hash:
48
49           serial  The serial number
50
51           version Certificate version, usually 2 (x509v3)
52
53           subject Hash with the parts of the subject, e.g. commonName,
54                   countryName, organizationName, stateOrProvinceName,
55                   localityName.
56
57           subjectAltNames
58                   Array with list of alternative names. Each entry in the
59                   list is of "[type,value]", where "type" can be OTHERNAME,
60                   EMAIL, DNS, X400, DIRNAME, EDIPARTY, URI, IP or RID.
61
62           not_before, not_after
63                   The time frame, where the certificate is valid, as time_t,
64                   e.g. can be converted with localtime or similar functions.
65
66       ·   CERT_create(hash) -> cert
67
68           Creates a certificate based on the given hash.  Additionally to the
69           information described in "CERT_asHash" the following keys can be
70           given:
71
72           CA true|false
73                   if true declare certificate as CA, defaults to false
74
75           key key use given key as key for certificate, otherwise a new one
76                   will be generated
77
78           issuer_cert cert
79                   set issuer for new certificate
80
81           issuer_key key
82                   sign new certificate with given key
83
84           If not all necessary information are given some will have usable
85           defaults, e.g.
86
87           not_before defaults to the current time
88           not_after defaults to 365 days in the future
89           subject has a default pointing to IO::Socket::SSL
90           version defaults to 2 (x509v3)
91           serial will be a random number
92

AUTHOR

94       Steffen Ullrich
95
96
97
98perl v5.16.3                      2018-04-10         IO::Socket::SSL::Utils(3)
Impressum