go.etcd.io/etcd@v3.3.27+incompatible/hack/scripts-dev/docker-dns/certs-common-name-auth/gencerts.sh

go.etcd.io/etcd@v3.3.27+incompatible/hack/scripts-dev/docker-dns/certs-common-name-auth/gencerts.sh (about)

     1  #!/bin/bash
     2  
     3  if ! [[ "$0" =~ "./gencerts.sh" ]]; then
     4  	echo "must be run from 'fixtures'"
     5  	exit 255
     6  fi
     7  
     8  if ! which cfssl; then
     9  	echo "cfssl is not installed"
    10  	exit 255
    11  fi
    12  
    13  cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca
    14  mv ca.pem ca.crt
    15  openssl x509 -in ca.crt -noout -text
    16  
    17  # generate wildcard certificates DNS: m1/m2/m3.etcd.local
    18  cfssl gencert \
    19      --ca ./ca.crt \
    20      --ca-key ./ca-key.pem \
    21      --config ./gencert.json \
    22      ./server-ca-csr.json | cfssljson --bare ./server
    23  mv server.pem server.crt
    24  mv server-key.pem server.key.insecure
    25  
    26  rm -f *.csr *.pem *.stderr *.txt