[Perl-openssl-users] Generate and sign CSR / CRT for https

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I am used to generate keys with OpenSSL via shell, this way:

----------------------------------------------------------------------------
my $ssk="a29bRwoA73xZGeBc";
openssl req -new -newkey rsa:2048 -nodes -keyout "/etc/ssl/$ssk.key" -out "/etc/ssl/$ssk.csr"
openssl x509 -req -days 365 -in "/etc/ssl/$ssk.csr" -signkey "/etc/ssl/$ssk.key" -out "/etc/ssl/$ssk.crt"
----------------------------------------------------------------------------

Now I need to perform this action via PERL, but I have no idea if the below code can at least implement the 1st line:

----------------------------------------------------------------------------

my $ssk="a29bRwoA73xZGeBc";

# I didn't use Crypt::OpenSSL::Random, as I didn't found where it comes to action
use Crypt::OpenSSL::RSA;
my $rsa=Crypt::OpenSSL::RSA-&gt;generate_key(2048);
my $rsa_pub=Crypt::OpenSSL::RSA-&gt;new_public_key($rsa-&gt;get_public_key_x509_string());
my $rsa_prv=Crypt::OpenSSL::RSA-&gt;new_private_key($rsa-&gt;get_private_key_string());
my $cipher=$rsa-&gt;encrypt($rsa_pub);
my $plain=$rsa-&gt;encrypt($cipher);
my $sigt=$rsa_prv-&gt;sign($plain); # This seems to be part of the 2nd line in shell code, but maybe I am wrong.
unless($rsa-&gt;verify($plain,$sigt)) { die "Failed to create keys"; }

# Here is the issue:
&amp;SaveFile("/etc/ssl/$ssk.key",$plain,0400); # Is it correct?
&amp;SaveFile("/etc/ssl/$ssk.csr",$cipher,0400); # How about this?

# How do I proceed to implement the 2nd line of the shell code?

----------------------------------------------------------------------------

Note that the part of Crypt::OpenSSL::Random and saving to key files is not docmented...

Thanks a lot