go.etcd.io/etcd@v3.3.27+incompatible/hack/scripts-dev/docker-dns/certs-common-name-multi/gencerts.sh

go.etcd.io/etcd@v3.3.27+incompatible/hack/scripts-dev/docker-dns/certs-common-name-multi/gencerts.sh (about)

     1  #!/bin/bash
     2  
     3  if ! [[ "$0" =~ "./gencerts.sh" ]]; then
     4  	echo "must be run from 'fixtures'"
     5  	exit 255
     6  fi
     7  
     8  if ! which cfssl; then
     9  	echo "cfssl is not installed"
    10  	exit 255
    11  fi
    12  
    13  cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca
    14  mv ca.pem ca.crt
    15  openssl x509 -in ca.crt -noout -text
    16  
    17  # generate wildcard certificates DNS: m1/m2/m3.etcd.local
    18  cfssl gencert \
    19      --ca ./ca.crt \
    20      --ca-key ./ca-key.pem \
    21      --config ./gencert.json \
    22      ./server-ca-csr-1.json | cfssljson --bare ./server-1
    23  mv server-1.pem server-1.crt
    24  mv server-1-key.pem server-1.key.insecure
    25  
    26  cfssl gencert \
    27      --ca ./ca.crt \
    28      --ca-key ./ca-key.pem \
    29      --config ./gencert.json \
    30      ./server-ca-csr-2.json | cfssljson --bare ./server-2
    31  mv server-2.pem server-2.crt
    32  mv server-2-key.pem server-2.key.insecure
    33  
    34  cfssl gencert \
    35      --ca ./ca.crt \
    36      --ca-key ./ca-key.pem \
    37      --config ./gencert.json \
    38      ./server-ca-csr-3.json | cfssljson --bare ./server-3
    39  mv server-3.pem server-3.crt
    40  mv server-3-key.pem server-3.key.insecure
    41  
    42  rm -f *.csr *.pem *.stderr *.txt