Skip to content

Instantly share code, notes, and snippets.

@darkn3rd

darkn3rd/.env

Last active September 2, 2020 00:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save darkn3rd/e8276306c3bae9767c49d03a16250002 to your computer and use it in GitHub Desktop.
Save darkn3rd/e8276306c3bae9767c49d03a16250002 to your computer and use it in GitHub Desktop.
Download ZIP
Dgraph Mutual TLS Testing
Raw
.env
DGRAPH_ALPHA_TLS_CLIENT_AUTH=REQUIREANDVERIFY
DGRAPH_VERSION=v20.03.4
Raw
README.md
  1. Create Certificates bash make_cert.sh
  2. Import CA cert ca.crt w/ FireFox: Settings -> Privacy and Security -> Security -> Manage Certificates -> Authorities
  3. Import Client cert laptopuser.p12 w/ FireFox: Preferences -> Prvacy & Security -> View Certificates -> Your Certificates
  4. Start Services docker-compose up -d
  5. Navigate to http://localhost:8000
  6. Use Source as https://localhost:8080
Raw
docker-compose.yml
version: "3.5"
services:
tls-zero1:
image: dgraph/dgraph:$DGRAPH_VERSION
container_name: tls-zero1
working_dir: /data/zero1
ports:
- 5080:5080
- 6080:6080
command: dgraph zero --my=tls-zero1:5080 --replicas 1 --idx 1
tls-alpha1:
image: dgraph/dgraph:$DGRAPH_VERSION
container_name: tls-alpha1
working_dir: /data/alpha1
volumes:
- type: bind
source: ./tls/
target: /tls
read_only: true
environment:
DGRAPH_ALPHA_TLS_DIR: /tls
DGRAPH_ALPHA_TLS_CLIENT_AUTH: ${DGRAPH_ALPHA_TLS_CLIENT_AUTH}
ports:
- 8080:8080
- 9080:9080
command: dgraph alpha --my=tls-alpha1:7080 --lru_mb=1024 --zero=tls-zero1:5080
tls-ratel:
image: dgraph/dgraph:$DGRAPH_VERSION
ports:
- 8000:8000
command: dgraph-ratel
container_name: tls-ratel
Raw
make_cert.sh
dgraph cert -n localhost -c laptopuser
openssl pkcs12 -export \
-out laptopuser.p12 \
-in tls/client.laptopuser.crt \
-inkey tls/client.laptopuser.key
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment