- Create Certificates
bash make_cert.sh
- Import CA cert
ca.crt
w/ FireFox: Settings -> Privacy and Security -> Security -> Manage Certificates -> Authorities - Import Client cert
laptopuser.p12
w/ FireFox: Preferences -> Prvacy & Security -> View Certificates -> Your Certificates - Start Services
docker-compose up -d
- Navigate to http://localhost:8000
- Use Source as https://localhost:8080
-
-
Save darkn3rd/e8276306c3bae9767c49d03a16250002 to your computer and use it in GitHub Desktop.
Dgraph Mutual TLS Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DGRAPH_ALPHA_TLS_CLIENT_AUTH=REQUIREANDVERIFY | |
DGRAPH_VERSION=v20.03.4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "3.5" | |
services: | |
tls-zero1: | |
image: dgraph/dgraph:$DGRAPH_VERSION | |
container_name: tls-zero1 | |
working_dir: /data/zero1 | |
ports: | |
- 5080:5080 | |
- 6080:6080 | |
command: dgraph zero --my=tls-zero1:5080 --replicas 1 --idx 1 | |
tls-alpha1: | |
image: dgraph/dgraph:$DGRAPH_VERSION | |
container_name: tls-alpha1 | |
working_dir: /data/alpha1 | |
volumes: | |
- type: bind | |
source: ./tls/ | |
target: /tls | |
read_only: true | |
environment: | |
DGRAPH_ALPHA_TLS_DIR: /tls | |
DGRAPH_ALPHA_TLS_CLIENT_AUTH: ${DGRAPH_ALPHA_TLS_CLIENT_AUTH} | |
ports: | |
- 8080:8080 | |
- 9080:9080 | |
command: dgraph alpha --my=tls-alpha1:7080 --lru_mb=1024 --zero=tls-zero1:5080 | |
tls-ratel: | |
image: dgraph/dgraph:$DGRAPH_VERSION | |
ports: | |
- 8000:8000 | |
command: dgraph-ratel | |
container_name: tls-ratel |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dgraph cert -n localhost -c laptopuser | |
openssl pkcs12 -export \ | |
-out laptopuser.p12 \ | |
-in tls/client.laptopuser.crt \ | |
-inkey tls/client.laptopuser.key |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment