erlang/docker-erlang-example
1
0
Fork 0
mirror of https://github.com/erlang/docker-erlang-example.git synced 2025-04-19 01:24:03 +03:00
Code

Create bash script for creating https certs

Browse Source
This commit is contained in:
Lukas Larsson 2017-02-22 11:08:17 +01:00
parent 9cf386ddb3
commit 22599a0d25
3 changed files with 49 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
README-CERTS.md Normal file
View File

@ -0,0 +1,23 @@
## Generating Certificate
Generate certificates in subdirectory `ssl`.
### Root CA
$ openssl genrsa -out dockerwatch-ca.key 4096
$ openssl req -x509 -new -nodes -key dockerwatch-ca.key -sha256 -days 1024 -out dockerwatch-ca.pem
### Server Certificate
$ openssl genrsa -out dockerwatch-server.key 4096
Certificate signing request
$ openssl req -new -key dockerwatch-server.key -out dockerwatch-server.csr
The most important field: `Common Name (eg, YOUR name) []: localhost`. We use localhost in this example.
### Sign it
$ openssl x509 -req -in dockerwatch-server.csr -CA dockerwatch-ca.pem -CAkey dockerwatch-ca.key -CAcreateserial -out dockerwatch-server.pem -days 500 -sha256

27
README.md
View File

@ -104,32 +104,9 @@ What happened?
Generate certificates in subdirectory `ssl`.
$ mkdir ssl && cd ssl
$ ./create-certs
### Root CA
$ openssl genrsa -out dockerwatch-ca.key 4096
$ openssl req -x509 -new -nodes -key dockerwatch-ca.key -sha256 -days 1024 -out dockerwatch-ca.pem
### Server Certificate
$ openssl genrsa -out dockerwatch-server.key 4096
Certificate signing request
$ openssl req -new -key dockerwatch-server.key -out dockerwatch-server.csr
The most important field: `Common Name (eg, YOUR name) []: localhost`. We use localhost in this example.
### Sign it
$ openssl x509 -req -in dockerwatch-server.csr -CA dockerwatch-ca.pem -CAkey dockerwatch-ca.key -CAcreateserial -out dockerwatch-server.pem -days 500 -sha256
Once done with the certificates, change directory to the top directory of this repository.
$ cd ..
For some more details of what this command does, wee [README-CERTS.md](README-CERTS.md)
## Running the Erlang Application

24
create-certs Executable file
View File

@ -0,0 +1,24 @@
#!/bin/sh
set -e
if [ ! -d ssl ]; then
mkdir ssl
fi
# Create the root CA (Certificate Authority)
openssl genrsa -out ssl/dockerwatch-ca.key 4096
## Certificate signing request for root CA
echo "!!! \"Common Name\" should be left blank"
openssl req -x509 -new -nodes -key ssl/dockerwatch-ca.key -sha256 -days 1024 -out ssl/dockerwatch-ca.pem
# Create the server certificate
openssl genrsa -out ssl/dockerwatch-server.key 4096
## Certificate signing request for server certificate
echo "!!! \"Common Name\" has to be the name that you use to connect to the server, eg. localhost "
openssl req -new -key ssl/dockerwatch-server.key -out ssl/dockerwatch-server.csr
## Sign the server certificate using the root CA
openssl x509 -req -in ssl/dockerwatch-server.csr -CA ssl/dockerwatch-ca.pem -CAkey ssl/dockerwatch-ca.key -CAcreateserial -out ssl/dockerwatch-server.pem -days 500 -sha256