Created
May 8, 2020 17:38
-
-
Save ColinSullivan1/582fc36746255f4310f9c4f1cdd54dd5 to your computer and use it in GitHub Desktop.
Create self signed test certs (ca, client, server) with domain components "foo1" and "foo2"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| openssl genrsa -out ca.key 2048 | |
| openssl req -new -x509 -days 1826 -key ca.key -out ca.crt -subj "/C=US/ST=California/L=Los Angeles/O=NATS/OU=NATS/CN=localhost" | |
| cp ca.key ca-key.pem | |
| cat ca.key > ca.pem | |
| cat ca.crt >> ca.pem | |
| # create client certs | |
| openssl genrsa -out client.key 2048 | |
| openssl req -new -key client.key -out client.csr -subj "/C=US/ST=California/L=Los Angeles/O=NATS/OU=NATS/CN=localhost/DC=foo1/DC=foo2" | |
| openssl x509 -req -days 3650 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt | |
| cp client.key client-key.pem | |
| cat client.key > client.pem | |
| cat client.crt >> client.pem | |
| # create server certs | |
| openssl genrsa -out server.key 2048 | |
| openssl req -new -key server.key -out server.csr -subj "/C=US/ST=California/L=Los Angeles/O=NATS/OU=NATS/CN=localhost" | |
| openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt | |
| cp server.key server-key.pem | |
| cat server.key > server.pem | |
| cat server.crt >> server.pem | |
| rm *.crt | |
| rm *.csr | |
| rm *.key |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment