Brandon Philips
b3704a7119
fix(fixtures/ca): make the certificates work
|
há 12 anos atrás | |
|---|---|---|
| .. | ||
| broken | há 12 anos atrás | |
| .gitattributes | há 12 anos atrás | |
| README | há 12 anos atrás | |
| ca.crt | há 12 anos atrás | |
| ca.key | há 12 anos atrás | |
| openssl.cnf | há 12 anos atrás | |
| server-chain.pem | há 12 anos atrás | |
| server.crt | há 12 anos atrás | |
| server.csr | há 12 anos atrás | |
| server.key | há 12 anos atrás | |
| server.key.insecure | há 12 anos atrás | |
| server2.crt | há 12 anos atrás | |
| server2.csr | há 12 anos atrás | |
| server2.key | há 12 anos atrás | |
| server2.key.insecure | há 12 anos atrás | |
README
Testing x509 certs for etcd
The passphrases for the keys are `asdf`.
# Make the CA cert
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config openssl.cnf -extensions v3_ca
# Make server cert and signing request
openssl genrsa -des3 -out server.key 4096
openssl req -new -key server.key -out server.csr -config openssl.cnf
# Sign the server csr and generate a crt
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt -extfile openssl.cnf -extensions v3_req
# Output unencrypted server key
openssl rsa -in server.key -out server.key.insecure
# Output "raw" public key from server crt
openssl x509 -pubkey -noout -in server.crt > server.pub
The passphrases for the keys are `asdf`.
# Make the CA cert
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config openssl.cnf -extensions v3_ca
# Make server cert and signing request
openssl genrsa -des3 -out server.key 4096
openssl req -new -key server.key -out server.csr -config openssl.cnf
# Sign the server csr and generate a crt
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt -extfile openssl.cnf -extensions v3_req
# Output unencrypted server key
openssl rsa -in server.key -out server.key.insecure
# Output "raw" public key from server crt
openssl x509 -pubkey -noout -in server.crt > server.pub