|
|
@@ -5,5 +5,27 @@ Defaults generate an ECDSA-384 root and leaf certificates for `localhost`. etcd
|
|
|
**Instructions**
|
|
|
|
|
|
1. Install git, go, and make
|
|
|
-2. Run `make` to generate the certs
|
|
|
-3. Run `goreman start`
|
|
|
+2. Amend https://github.com/coreos/etcd/blob/master/hack/tls-setup/config/req-csr.json - IP's currently in the config should be replaced/added to with IP addresses of each node in your cluster, please note 127.0.0.1 is always required for loopback purposes:
|
|
|
+```json
|
|
|
+Example:
|
|
|
+{
|
|
|
+ "CN": "etcd",
|
|
|
+ "hosts": [
|
|
|
+ "3.8.121.201",
|
|
|
+ "46.4.19.20",
|
|
|
+ "127.0.0.1"
|
|
|
+ ],
|
|
|
+ "key": {
|
|
|
+ "algo": "ecdsa",
|
|
|
+ "size": 384
|
|
|
+ },
|
|
|
+ "names": [
|
|
|
+ {
|
|
|
+ "O": "autogenerated",
|
|
|
+ "OU": "etcd cluster",
|
|
|
+ "L": "the internet"
|
|
|
+ }
|
|
|
+ ]
|
|
|
+}
|
|
|
+```
|
|
|
+3. Run `make` to generate the certs
|
Xiang Li