go.etcd.io/etcd@v3.3.27+incompatible/hack/scripts-dev/docker-dns-srv/certs/gencerts.sh (about) 1 #!/bin/bash 2 3 if ! [[ "$0" =~ "./gencerts.sh" ]]; then 4 echo "must be run from 'fixtures'" 5 exit 255 6 fi 7 8 if ! which cfssl; then 9 echo "cfssl is not installed" 10 exit 255 11 fi 12 13 cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca 14 mv ca.pem ca.crt 15 openssl x509 -in ca.crt -noout -text 16 17 # generate wildcard certificates DNS: *.etcd.local 18 cfssl gencert \ 19 --ca ./ca.crt \ 20 --ca-key ./ca-key.pem \ 21 --config ./gencert.json \ 22 ./server-ca-csr.json | cfssljson --bare ./server 23 mv server.pem server.crt 24 mv server-key.pem server.key.insecure 25 26 rm -f *.csr *.pem *.stderr *.txt