r509 v0.6 is out. There were 39 commits encompassing the following changes from 0.5 to 0.6.

  • Gemfile updated to set proper versions of supporting gems for doc generation
  • Fixes to load_yaml in Config
  • OCSP handling extensively refactored and most of the logic moved into the r509 OCSP responder project.
  • Cert#subject_component no longer improperly upcases elements
  • SAN is now supported in self-signed certificates
  • Cert#san_names returns an empty array if no san_names exist
  • Cert#fingerprint is now an available method
  • Cert#subject_names returns a concatenation (de-duped) of CN and SANs
  • General refactoring in several areas to improve code quality
  • Csr now takes :san_names in constructor instead of :domains. This is more consistent
  • Files renamed to lowercase to match Ruby conventions
  • Cert#in_validity_range? method added
  • Fixed some order dependent tests

The majority of work went into improving the OCSP codebase, which was moved into the r509-ocsp-responder project, but that’s a subject for another blog entry!