github.phpd.cn/cilium/cilium@v1.6.12/test/consul/gen-cert.sh (about) 1 #!/usr/bin/env bash 2 3 clean() { 4 rm -f server.crt server.key server-ca.crt consul-client.crt consul-client.key consul-client-ca.crt cilium-consul.yaml 5 exit 0 6 } 7 8 gen_consul_config() { 9 cat > cilium-consul.yaml <<EOF 10 --- 11 cafile: '$dir/consul-client-ca.crt' 12 keyfile: '$dir/consul-client.key' 13 certfile: '$dir/consul-client.crt' 14 EOF 15 } 16 17 gen() { 18 if [ -z "$(which cfssl)" ]; then 19 echo "Please install the cfssl utility and make sure you have it in your \$PATH" 20 echo "You can install it in your \$GOPATH by running:" 21 echo "go get -u github.com/cloudflare/cfssl/cmd/cfssl" 22 exit -1 23 fi 24 25 if [ -z "$(which cfssljson)" ]; then 26 echo "Please install the cfssljson utility and make sure you have it in your \$PATH" 27 echo "You can install it in your \$GOPATH by running:" 28 echo "go get -u github.com/cloudflare/cfssl/cmd/cfssljson" 29 exit -1 30 fi 31 32 cd "${dir}" 33 34 echo "generating CA certs ===" 35 cfssl gencert -initca ca-csr.json | cfssljson -bare ca 36 37 38 echo "generating consul server certs ===" 39 cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -hostname="$1,localhost,127.0.0.1" -config=ca-config.json -profile=server server.json | cfssljson -bare server 40 41 echo "generating consul client certs ===" 42 cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -hostname="localhost,127.0.0.1" -config=ca-config.json -profile=client consul-client.json | cfssljson -bare consul-client 43 44 mv consul-client.pem consul-client.crt 45 mv consul-client-key.pem consul-client.key 46 cp ca.pem consul-client-ca.crt 47 48 mv server.pem server.crt 49 mv server-key.pem server.key 50 mv ca.pem server-ca.crt 51 rm *.csr ca-key.pem 52 53 gen_consul_config 54 } 55 56 57 dir=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) 58 cd $dir 59 "$@" 60 cd -