github.com/tommi2day/gomodules@v1.13.2-0.20240423190010-b7d55d252a27/test/docker/ldap/gen_certs.sh

github.com/tommi2day/gomodules@v1.13.2-0.20240423190010-b7d55d252a27/test/docker/ldap/gen_certs.sh (about)

     1  #! /bin/sh
     2  # https://smallstep.com/docs/step-cli/installation/
     3  
     4  SERVER=ldap
     5  DOMAIN=example.local
     6  DIR=certs
     7  mkdir -p $DIR
     8  cd $DIR||exit
     9  if [ ! -r cakey.pem ]; then
    10    step certificate create "Root CA" "ca.crt" "ca.key" \
    11      --no-password --insecure \
    12      --profile root-ca \
    13      --not-before "2021-01-01T00:00:00+00:00" \
    14      --not-after "2031-01-01T00:00:00+00:00" \
    15      --san "$DOMAIN" \
    16      --san "ca.$DOMAIN" \
    17      --kty RSA --size 2048
    18  fi
    19  step certificate create "${SERVER}.${DOMAIN}" "${SERVER}.${DOMAIN}.crt" "${SERVER}.${DOMAIN}.key" \
    20    --no-password --insecure \
    21    --profile leaf \
    22    --ca "ca.crt" \
    23    --ca-key "ca.key" \
    24    --not-before "2021-01-01T00:00:00+00:00" \
    25    --not-after "2031-01-01T00:00:00+00:00" \
    26    --san "$DOMAIN" \
    27    --san "${SERVER}.${DOMAIN}" \
    28    --kty RSA --size 2048
    29  
    30  # join crt and ca
    31  cat "${SERVER}.${DOMAIN}.crt" ca.crt >>"${SERVER}.${DOMAIN}-full.crt"