Skip to content

Instantly share code, notes, and snippets.

@brakmic
Created April 27, 2023 10:10
Show Gist options
  • Save brakmic/cdb076c5a2bbd117b412ecb234d7a66b to your computer and use it in GitHub Desktop.
Save brakmic/cdb076c5a2bbd117b412ecb234d7a66b to your computer and use it in GitHub Desktop.
HOWTO create a CA and TLS keys and certs

Create Certificate Authority, TLS key and cert

  • Create a private key
openssl genrsa -out tls.key 2048
  • Create a CSR
openssl req -new -key tls.key -out tls.csr
  • Create a CA certificate
openssl req -new -x509 -keyout ca.key -out ca.crt -days 365 -subj '/CN=localhost'
  • Sign the CSR with the CA certificate to create server certificate
openssl x509 -req -in tls.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt -days 365
  • Create a new secret to hold the TLS key and certificate
kubectl create secret tls keycloak-tls-secret --namespace YOUR_NAMESPACE --key tls.key --cert tls.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment