Wednesday, February 11, 2009

Signing your own gems

Chapter 9 (Signing Your Gems) of the RubyGems User Guide contains everything you need to know to do this.

Here's a quick overview of the steps required.

Build a certificate and private key pair
$ cd /to/where/you/wish/to/keep/your/cert_and_key
$ gem cert --build
Two files are generated from this: gem-private_key.pem & gem-public_cert.pem.

Ensure you keep gem-private_key.pem somewhere safe that only you have access to.

Modify your build specification
Add the following spec to your existing gem's gemspec or to the relevant Rakefile ("s" is your Gem::Specification instance):
$ s.signing_key = 'gem-private_key.pem'
$ s.cert_chain = ['gem-public_cert.pem']
Rebuild your package and you're done!

No comments:

About Me

My photo
I love solving real-world problems with code and systems (web apps, distributed systems and all the bits and pieces in-between).