gencerts.sh 588 B

1234567891011121314151617181920212223242526
  1. #!/bin/bash
  2. if ! [[ "$0" =~ "./gencerts.sh" ]]; then
  3. echo "must be run from 'fixtures'"
  4. exit 255
  5. fi
  6. if ! which cfssl; then
  7. echo "cfssl is not installed"
  8. exit 255
  9. fi
  10. cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca
  11. mv ca.pem ca.crt
  12. openssl x509 -in ca.crt -noout -text
  13. # generate wildcard certificates DNS: *.etcd.local
  14. cfssl gencert \
  15. --ca ./ca.crt \
  16. --ca-key ./ca-key.pem \
  17. --config ./gencert.json \
  18. ./server-ca-csr.json | cfssljson --bare ./server
  19. mv server.pem server.crt
  20. mv server-key.pem server.key.insecure
  21. rm -f *.csr *.pem *.stderr *.txt