ruby - 从 CRL 列表中获取序列号

Question

我有一个带有一些条目的revoked.crl 证书吊销列表。如何从中检索序列号。当我使用 revoked 方法时，它返回诸如 "#OpenSSL::X509::Revoked:0x007f944b1fd0d8" 之类的条目数组。谁能告诉我如何解析这个以获得确切的序列号？

Answer 1

尝试类似：

require "openssl"

crl_filepath = "./path/to/mylist.crl"
puts "PARSING CRL FILE #{crl_filepath} ..."

crl = OpenSSL::X509::CRL::new(File.read(crl_filepath))
puts "... ISSUER: #{crl.issuer.to_s}"
puts "... VERSION: #{crl.version.to_s}"
puts "... LAST UPDATE: #{crl.last_update.to_s}"
puts "... NEXT UPDATE: #{crl.next_update.to_s}"

puts "INVESTIGATING FIRST CERTIFICATE..."
r = crl.revoked.first # FYI this is an OpenSSL::X509::Revoked object
puts "... SERIAL: #{r.serial.to_s}"
puts "... TIME: #{r.time.to_s}"
puts "... EXTENSIONS (#{r.extensions.count}):"
r.extensions.each do |ext|
  puts "   ... #{ext.to_h}"
end

相关文件：

• https://ruby-doc.org/stdlib-2.4.2/libdoc/openssl/rdoc/OpenSSL/X509/CRL.html
• http://ruby-doc.org/stdlib-2.5.0/libdoc/openssl/rdoc/OpenSSL/X509/Revoked.html
• http://ruby-doc.org/stdlib-2.5.0/libdoc/openssl/rdoc/OpenSSL/X509/Extension.html