Created
June 28, 2023 10:09
-
-
Save leobaiano/c182dc2d888e336730cfd86bac8314bc to your computer and use it in GitHub Desktop.
Como gerar certificados, usando SSL, para cliente servidor se comunicarem utilizando mTLS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Gerar certificado do servidor | |
// Onde tem leobaianotest.dev deve ser alterado para seu host | |
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt -subj '/CN=leobaianotest.dev/O=leobaianotest.dev' | |
# Gerar CA root que assinará o certificado do cliente e ficará no servidor | |
openssl req -x509 -sha256 -newkey rsa:4096 -keyout ca.key -out ca.crt -days 356 -nodes -subj '/CN=Autoridade Cliente' | |
# Gerar csr para gerar certificado do cliente | |
openssl req -new -newkey rsa:4096 -keyout client.key -out client.csr -nodes -subj '/CN=Cliente' | |
# Assinar csr com o CA e gerar certificado do cliente | |
openssl x509 -req -sha256 -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out client.crt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment