I've looked at the Ruby OpenSSL documentation, but I can't quite figure out the pieces I need to put together to make a .p12 file.
There's also this tutorial, but the comments belie an ambivalence about its correctness.
A:
From ossl_pkcs12.c:
/*
* call-seq:
* PKCS12.create(pass, name, key, cert [, ca, [, key_pbe [, cert_pbe [, key_iter [, mac_iter [, keytype]]]]]])
*
* === Parameters
* * +pass+ - string
* * +name+ - A string describing the key.
* * +key+ - Any PKey.
* * +cert+ - A X509::Certificate.
* * * The public_key portion of the certificate must contain a valid public key.
* * * The not_before and not_after fields must be filled in.
* * +ca+ - An optional array of X509::Certificate's.
* * +key_pbe+ - string
* * +cert_pbe+ - string
* * +key_iter+ - integer
* * +mac_iter+ - integer
* * +keytype+ - An integer representing an MSIE specific extension.
*
* Any optional arguments may be supplied as nil to preserve the OpenSSL defaults.
*
* See the OpenSSL documentation for PKCS12_create().
*/
So (untested and probably incorrect - I am not very familiar with Ruby):
p12 = OpenSSL::PKCS12.create("password", "key", pkey, cert)
p12_bytes = p12.to_der
Rasmus Faber
2009-04-30 19:28:32