-
-
Save kaihendry/990027a7c9a54efcdf138d45f720088e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generate a self-signed certificate authority (CA) certificate and key | |
| ca.crt: | |
| openssl req -new -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout ca.key -out ca.crt | |
| # Generate a server certificate and key signed by the CA | |
| server.crt: ca.crt | |
| openssl req -new -nodes -newkey rsa:2048 -keyout server.key -out server.csr | |
| openssl x509 -req -sha256 -CA ca.crt -CAkey ca.key -CAcreateserial -in server.csr -out server.crt -days 365 | |
| # Generate a client certificate and key signed by the CA | |
| client.crt: ca.crt | |
| openssl req -new -nodes -newkey rsa:2048 -keyout client.key -out client.csr | |
| openssl x509 -req -sha256 -CA ca.crt -CAkey ca.key -CAcreateserial -in client.csr -out client.crt -days 365 | |
| # Generate PKCS12 files for the server and client | |
| server.p12: server.crt server.key | |
| openssl pkcs12 -export -out server.p12 -inkey server.key -in server.crt -certfile ca.crt | |
| client.p12: client.crt client.key | |
| openssl pkcs12 -export -out client.p12 -inkey client.key -in client.crt -certfile ca.crt | |
| clean: | |
| rm -f ca.* server.* client.* *.p12 | |
| infos: server.p12 | |
| openssl pkcs12 -info -in ./server.p12 | |
| infoc: client.p12 | |
| openssl pkcs12 -info -in ./client.p12 | |
| wss: | |
| websocat --pkcs12-der ./server.p12 -s 4321 | |
| wsc: # only works with -k | |
| websocat --client-pkcs12-der ./client.p12 wss://localhost:4321 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment