J. Eduardo jeduardo

jeduardo / nginx-mtls.md
Last active March 22, 2024 13:38
mTLS with self-signed certificates in nginx

First step is to generate the certificate and keys:

mkdir nginx-certs
cd nginx-certs
# Using the -nodes flag here so it does not ask for any password when exporting the key
openssl req -subj '/CN=ssl.test.local' -x509 -new -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes -addext "keyUsage = digitalSignature,keyAgreement" -addext "extendedKeyUsage = serverAuth, clientAuth" -addext "subjectAltName = DNS:ssl.test.local, DNS:localhost, IP:127.0.0.1"
# The PKCS12 export will ask for a password. I will use 'test' again and will refer to it in the final curl test command

Keybase proof

I hereby claim:

  • I am jeduardo on github.
  • I am jeduardo (https://keybase.io/jeduardo) on keybase.
  • I have a public key whose fingerprint is 22F9 A4DC 1A19 6100 F17D EB73 FC7A 942F 6FAA B87B

To claim this, I am signing this object: