github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/helper/tlsutil/testdata/README.md (about) 1 # Nomad Test Certificate 2 3 Using [cfssl 1.6.0](https://github.com/cloudflare/cfssl) 4 5 | File | Description | 6 |---------------------|---------------------------| 7 | `ca.pem` | CA certificate | 8 | `ca-key.pem` | CA Key | 9 | `nomad-foo.pem` | Nomad cert for foo region | 10 | `nomad-foo-key.pem` | Nomad key for foo region | 11 | `ca-bad.pem` | CA cert for bad region | 12 | `ca-key-bad.pem` | CA key for bad region | 13 | `nomad-bad.pem` | Nomad cert for bad region | 14 | `nomad-bad-key.pem` | Nomad key for bad region | 15 | `global-*.pem` | For global region | 16 17 ## Generating self-signed certs 18 ```sh 19 # Write defaults and update. 20 # NOTE: this doesn't need to be run if regenerating old certificates and 21 # shouldn't as it overrides non-default values. 22 cfssl print-defaults csr > ca-csr.json 23 cfssl print-defaults csr > ca-bad-csr.json 24 cfssl print-defaults config > ca-config.json 25 26 # Generate CA certificates and keys. 27 # 28 # 1. Generates ca.csr, ca.pem, and ca-key.pem. 29 # 2. Generates ca-bad.csr, ca-bad.pem, and ca-bad-key.pem. 30 cfssl gencert -loglevel=5 -config ca-config.json -initca ca-csr.json | cfssljson -bare ca - 31 cfssl gencert -loglevel=5 -config ca-config.json -initca ca-bad-csr.json | cfssljson -bare ca-bad - 32 33 # Generate certificates and keys. 34 # 35 # 1. Generates nomad-foo.csr, nomad-foo.pem, and nomad-foo-key.pem. 36 # 1. Generates nomad-bad.csr, nomad-bad.pem, and nomad-bad-key.pem. 37 cfssl gencert -loglevel=5 -ca ca.pem -ca-key ca-key.pem -config ca-config.json nomad-foo-csr.json | cfssljson -bare nomad-foo 38 cfssl gencert -loglevel=5 -ca ca-bad.pem -ca-key ca-bad-key.pem -config ca-config.json nomad-bad-csr.json | cfssljson -bare nomad-bad 39 ```