Closed FGasper closed 8 years ago
sludin
commented
8 years ago More than anything it needs consistency. Either be all PEM or all DER, or take/emit either with the ability to indicate which one you want to use. I do not have a strong opinion beyond that it should be consistent ( which today it is not ). It is early enough that I am happy to make fundamental changes in interface if needed.
FGasper
commented
8 years ago On 5 Jan 2016 6:52 PM, Stephen Ludin wrote:
More than anything it needs consistency. Either be all PEM or all DER, or take/emit either with the ability to indicate which one you want to use. I do not have a strong opinion beyond that it should be consistent ( which today it is not ). It is early enough that I am happy to make fundamental changes in interface if needed.
My vote would be for doing it with multiple functions, as the C libraries do:
sign_pem($csr) sign_der($csr)
(I myself kind of prefer “create_certificate” to “sign”, but the SYNOPSIS section clearly demonstrates how to do this, so no biggie.)
-FG
FGasper
commented
8 years ago @sludin See what you think of this branch:
https://github.com/FGasper/Protocol-ACME/tree/pem_der_agnostic2
I tested it on my shared hosting account, and it worked (with the change of “account_key” parameter, of course).
Crypt::RSA::Parse is my own module. It brings in Math::BigInt and Mo; I could probably alleviate both of those dependencies if you prefer.
sludin
commented
8 years ago I took a quick look at it but I will spend some more time with it later today. I like the reorganization.
sludin
commented
8 years ago Fixed in 0.06
PEM format is convenient in many applications. Given that there is already MIME::Base64, could there be a setting to use PEM rather than DER?