Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Create-certificat-with-cfssl.md
## Create CA
{
cat > ca-config.json <<EOF
{
"signing": {
"default": {
"expiry": "8760h"
},
"profiles": {
"openshift-install": {
"usages": ["signing", "key encipherment", "server auth", "client auth"],
"expiry": "8760h"
}
}
}
}
EOF
cat > ca-csr.json <<EOF
{
"CN": "myproxy",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "FR",
"L": "Grenoble",
"O": "Nadj",
"OU": "CA",
"ST": "Isère"
}
]
}
EOF
gencert -initca ca-csr.json | /usr/local/bin/cfssljson -bare ca
}
{
cat > olomar-csr.json <<EOF
{
"hosts": [
"olomar.odic.rd.francetelecom.fr"
],
"CN": "olomar.odic.rd.francetelecom.fr",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "FR",
"L": "Grenoble",
"O": "Nadj",
"OU": "Nginx",
"ST": "Isère"
}
]
}
EOF
cfssl gencert \
-ca=ca.pem \
-ca-key=ca-key.pem \
-config=ca-config.json \
-profile=openshift-install \
olomar-csr.json | /usr/local/bin/cfssljson -bare olomar-cert
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.