Halaman utama Jelajahi Bantuan
Daftar Masuk
publics
/
etcd-io__etcd
0
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Pohon: e13c8942c3
Ranting Tag
etcd-io__etcd
/
hack
/
scripts-dev
/
docker-dns
/
certs-common-name-multi
/
gencerts.sh

gencerts.sh 1.0 KB
Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142 
  1. #!/bin/bash
    2. 

  2. 

  3. if ! [[ "$0" =~ "./gencerts.sh" ]]; then
    4. 

  4. 	echo "must be run from 'fixtures'"
    5. 

  5. 	exit 255
    6. 

  6. fi
    7. 

  7. 

  8. if ! which cfssl; then
    9. 

  9. 	echo "cfssl is not installed"
    10. 

  10. 	exit 255
    11. 

  11. fi
    12. 

  12. 

  13. cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca
    14. 

  14. mv ca.pem ca.crt
    15. 

  15. openssl x509 -in ca.crt -noout -text
    16. 

  16. 

  17. # generate wildcard certificates DNS: m1/m2/m3.etcd.local
    18. 

  18. cfssl gencert \
    19. 

  19.     --ca ./ca.crt \
    20. 

  20.     --ca-key ./ca-key.pem \
    21. 

  21.     --config ./gencert.json \
    22. 

  22.     ./server-ca-csr-1.json | cfssljson --bare ./server-1
    23. 

  23. mv server-1.pem server-1.crt
    24. 

  24. mv server-1-key.pem server-1.key.insecure
    25. 

  25. 

  26. cfssl gencert \
    27. 

  27.     --ca ./ca.crt \
    28. 

  28.     --ca-key ./ca-key.pem \
    29. 

  29.     --config ./gencert.json \
    30. 

  30.     ./server-ca-csr-2.json | cfssljson --bare ./server-2
    31. 

  31. mv server-2.pem server-2.crt
    32. 

  32. mv server-2-key.pem server-2.key.insecure
    33. 

  33. 

  34. cfssl gencert \
    35. 

  35.     --ca ./ca.crt \
    36. 

  36.     --ca-key ./ca-key.pem \
    37. 

  37.     --config ./gencert.json \
    38. 

  38.     ./server-ca-csr-3.json | cfssljson --bare ./server-3
    39. 

  39. mv server-3.pem server-3.crt
    40. 

  40. mv server-3-key.pem server-3.key.insecure
    41. 

  41. 

  42. rm -f *.csr *.pem *.stderr *.txt
    43.