*: regenerate "fixtures-expired"
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>release-3.4
parent
774f6652df
commit
a60bb6104c
|
@ -37,9 +37,9 @@ var (
|
|||
}
|
||||
|
||||
testTLSInfoExpired = transport.TLSInfo{
|
||||
KeyFile: "../../integration/fixtures-expired/server-key.pem",
|
||||
CertFile: "../../integration/fixtures-expired/server.pem",
|
||||
TrustedCAFile: "../../integration/fixtures-expired/etcd-root-ca.pem",
|
||||
KeyFile: "../../integration/fixtures-expired/server.key.insecure",
|
||||
CertFile: "../../integration/fixtures-expired/server.crt",
|
||||
TrustedCAFile: "../../integration/fixtures-expired/ca.crt",
|
||||
ClientCertAuth: true,
|
||||
}
|
||||
)
|
||||
|
|
|
@ -84,9 +84,9 @@ var (
|
|||
}
|
||||
|
||||
testTLSInfoExpired = transport.TLSInfo{
|
||||
KeyFile: "./fixtures-expired/server-key.pem",
|
||||
CertFile: "./fixtures-expired/server.pem",
|
||||
TrustedCAFile: "./fixtures-expired/etcd-root-ca.pem",
|
||||
KeyFile: "../../integration/fixtures-expired/server.key.insecure",
|
||||
CertFile: "../../integration/fixtures-expired/server.crt",
|
||||
TrustedCAFile: "../../integration/fixtures-expired/ca.crt",
|
||||
ClientCertAuth: true,
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
{
|
||||
"key": {
|
||||
"algo": "rsa",
|
||||
"size": 2048
|
||||
},
|
||||
"names": [
|
||||
{
|
||||
"O": "etcd",
|
||||
"OU": "etcd Security",
|
||||
"L": "San Francisco",
|
||||
"ST": "California",
|
||||
"C": "USA"
|
||||
}
|
||||
],
|
||||
"CN": "ca",
|
||||
"ca": {
|
||||
"expiry": "87600h"
|
||||
}
|
||||
}
|
|
@ -0,0 +1,23 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIID0jCCArqgAwIBAgIUbY6SSy/rF2TQzWsH4GxG+h+Pvw8wDQYJKoZIhvcNAQEL
|
||||
BQAwbzEMMAoGA1UEBhMDVVNBMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
|
||||
Ew1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQKEwRldGNkMRYwFAYDVQQLEw1ldGNkIFNl
|
||||
Y3VyaXR5MQswCQYDVQQDEwJjYTAeFw0xODA0MDgxNzUzMDBaFw0yODA0MDUxNzUz
|
||||
MDBaMG8xDDAKBgNVBAYTA1VTQTETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE
|
||||
BxMNU2FuIEZyYW5jaXNjbzENMAsGA1UEChMEZXRjZDEWMBQGA1UECxMNZXRjZCBT
|
||||
ZWN1cml0eTELMAkGA1UEAxMCY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||
AoIBAQCqhEOeNSLK5CcfvZgHFHPJzRWeDc/fAQ3U2GSF1+KEslOA0mmHiL1paloS
|
||||
CbuwzoY/EGPCudFxIwFwjl2BAxbMdaCAKCxPwMHfn/38I45GgJFODjcOP0AX9i3O
|
||||
z2jsAGm02HNicmF24TuQgij8lvhhKjNsy2Lrb8/i6NmX8AKZl9smkRRd5HpUz9DD
|
||||
HelH2CXYCjbGXdpCyjN2PwfGSoCsAV8NDwbe0CAg6+dZCQrbqt2PJE2uRBoLgp3p
|
||||
AsVdPiFL1igOimgQRShGvMEVLkA7cmB3fALZy1WTGGj4h76HtEz8nywN7PmoWQJv
|
||||
AZFM168XPQ35S9+1CROtWUoM7dlhAgMBAAGjZjBkMA4GA1UdDwEB/wQEAwIBBjAS
|
||||
BgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQWBBSLaEU8nqrYzNEcmi0oZKd1AAFK
|
||||
gTAfBgNVHSMEGDAWgBSLaEU8nqrYzNEcmi0oZKd1AAFKgTANBgkqhkiG9w0BAQsF
|
||||
AAOCAQEApPHGwdcMRWMk+RS1NVb3yCPdf2Tx8pPYAJpLY46OPenGnFt6+wJs6Nhq
|
||||
bj9zmEEqyn1WLXtuel+X4E4BEofkTEAM+06UT7SGgEF7zMY+zQjfPqD52jLhS11I
|
||||
hp3u/hDR5c8r6RmvuH1TiPK5twxmV1w6LRGQcGJtw1PdTVfgHM+1s7kQ+Ineo4kK
|
||||
8m1JR44B3GHyw+o0jsf5NqnmQnW6aMACQXiX93fnelkPOsKez/oxiy/WK5dDMrzH
|
||||
JgNonK+bZRpef15XK3EOhmHp8YrY0CEq4MFsxxmkMZT0OnvIMEi9SkPV1cFq2N7r
|
||||
uTB9aMzzD/1u+3+IpHCrkb0QICj3YQ==
|
||||
-----END CERTIFICATE-----
|
|
@ -1,51 +0,0 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKQIBAAKCAgEAn/3pG4N9sLWucz5yPVmAuPCuh5tvHs2wRWsBnrTM9qqIpCjR
|
||||
7rNJzZSy3bAMxX+u1JXUK/Nt3lT87zrIkkC4En74avJSxt+cQlSs54sHFsRo/Idl
|
||||
b/6b/dEeS4bko7xlymzX5WDSZJ9Aj69wNZx73TGsHiZDBnQziyE1lPPs38qYcJtc
|
||||
kZKGgsTwJ0e1gvBE+k8KdhTSBX1jYPiycOpibajEERa6dMNZHIJRElJAQejgFDzE
|
||||
VRLCZBddT0kwVx1ttqYCtYDGlqg2Th2J5n1GAddQLffz8/8ZOuJsCYYgA+8LY55f
|
||||
x7H392msdTWnaLVW3VYE9j5lf69/pJlVThP46kjuwtX9hfEkoLRjXBF98TibnQXQ
|
||||
E+LVUNv3ezR/W+lntJOxg7Pka+5OjG/S9Kgj/QOA4nAkoPeQ/NXosBX8d/Z8qHi3
|
||||
f5YRtmT5NLwAgaSBg2lty8B20o9a63prwhEOmk++ENh8UmexUJ+Amy8lGyB/0fRC
|
||||
2YFnC5sJJETjDjyrPrWJA8760Eq0TffRYYgcKyJJtioduyPncLxGY7CkT/tsh6oy
|
||||
IY+RndKOfHdD67yqLZyuwdz/LsaxABELEbbFekE6mlQ/OclZzce5m8+bDZ4W3nRt
|
||||
S/GygXhWNj6XxKyk8RQNB6p2a5gRIxEAadHuUJd0fFZht+xNlOEuB6n7CPkCAwEA
|
||||
AQKCAgBILiZ/2jfXhG/64D5r/Tg8t6EV3wMn84ZGGzu03T7nPhK9dQkZVtvCGwcD
|
||||
SwzIAY3frOT3GzEDMHaYe33HtdkVxyDOJxs/S9zUdB05rRh6pgvzeiZCe6zmuvSf
|
||||
AHGgiTunMqnIe4EQEmTvLihCl6GuLl3HkF2GyOAEMexZkh7Y7C8QBpehuWhkEPOD
|
||||
1S9HrpyADS7cDRKflW1Db5AZrzTO4mfqicV/Li7C1Ow8hs0kryqBFtVAyGDZBU18
|
||||
mrlrZAR+dbEdL8boa2Vsopj3Wqc952TuCEKQXxOD5Gj3dwJ0o+EQhYASuPD1N0Ct
|
||||
9JHdhIp2+vrsGURzcbr1iJPa0NnoKk1HHee5LI8PnjOIsy/KaNBM4PWvmP+sWbUC
|
||||
Ej6JTiyZklHztRCq6EkXhUU2D1PplkqBtAM9DnubkuHvqrPa+BDEI1OZABxJHblA
|
||||
FvSB5D8bLx7rFZD7H2UvDG+e/Y7STNSo178qY2X6e5GRxoaB+/m9XU/P0+nSA+U1
|
||||
QtR00b95WSw6rn3hdgLXf5pxpmCoQqndkQzT8Xx/iY53s8Lr020c84tp6eMp4rsJ
|
||||
t145eLi+RnJLGDnXeb0I5/sEJE9SUyR7L/AARB0ewgrTsr2Cy2zpDCDh2s6oWTcS
|
||||
46XqU/yPcEf5NnPC7YLVjF8zWa6qO6VsBadntW6PmUbxQqehXQKCAQEAwdJGyX6w
|
||||
F8WrUv3nxP1GOAB1z86/6HS/+2znmDAqlIFqMikIcUHsMfRMeBga/M+pvSRajmG3
|
||||
MUWIoRZhgyDMMtdMGOqv8bAvaHqR7UlFymeU4m/kIRmJaU81167KKF0eFc4akf6G
|
||||
bzIbkGkZVAlnLWGBaloYj6vz8NWw6gJkTT+vH+Cz9g0hJ+bnNHuttxLKkDW2Fc87
|
||||
Mt8KFI14xK/tJiPktSCfVxjyVj16tn63lLQFKo5bOqsTUSxkFTPtIhGm2YGTk0Dv
|
||||
/hM9x7GhMPnQ2o0lK6FhCHzAnQkoD5ld8KL5hV3iP7Jg0+H9c9c8e+gHum0n+vxo
|
||||
WolOFsrd26ocEwKCAQEA01FbcKfz85qCP6336oVhr/Kl4TE2V+kWRbOpg48EVkJ+
|
||||
uJrqLoA/OSCYjmmh7ly5fjTpE1Juvhbuo54MoGLxQ954H47Hux+0daoX9hAEcOK5
|
||||
AiWINC7Gqi1rzQ3b9Vp2PxbiR6JcDqiy6UoK81uP6N6PgpUuu+EV74asP5SWGx/u
|
||||
BhScd5QLjjtf77n0Zn5aoNSuHt3JOzjToMl4WCtaP+/t0edkBsfcU/grNs85B/wN
|
||||
6A5uJR8T52wVWw5xQYbblU92JeDSgfQr1LD5VVOr8hQzVxDoOI8SL2dx68OEMw9v
|
||||
hzVfHL79sKCLUAJHGqnBC+zLcVCbDctm7EVxgAmQQwKCAQEArO1Xit8lbZBHUzyG
|
||||
VRNEWyLN+iKUxmmkAEciOn5+/xCYFzjU93fBrLAyqdOYAIenAcI1qWM1dxh61n6J
|
||||
cd0JUzMUCgcaA6EWKzlwiS0ev3+7Lmx2NbH7D6JEf7LLW0f5V6sTub5FY2Bph2a9
|
||||
2mSpUav1M1Y/I7BfbTi7J44Kv4FaVi69YYJFWryA/Cp8yyJQ6GmDk+HZB4JIFB5E
|
||||
6festqK/o3r/r03qqVcg7UIRuPMEyPtKGgYYrgvVH7W8lPD61ITvjioZ9a5lKI4r
|
||||
Ku84kEXuLAdH87Kah4Fr5L8JOXGu/nbNLdeQ3Hp9D6WxqTtT6dkKGryovl5S9bL6
|
||||
TspvUQKCAQEAxAwJmlWnJMymo++BPolqHLMwI+DlOt/bMuVAkfYgHurn59qJAoUm
|
||||
ophUEGN9wMczrBvoVG24ohBia1dY/X9tt/pwVU7AjCEY6cTZIAayKAyfeZdaapcu
|
||||
5njnN0DxXQoFA/j2C2FcqJjoCzkPOcErnO7GE27WAaYMFMFLkl0GebnAuNFsbB/k
|
||||
LJt3IM/TJzd4WxeVRruaUqAg7l2bkaj+vKyaZY+XpBbNmPV3Gg1cKsU0HaMtmrDf
|
||||
ZWdH1MdsWU+E7lvfD7spcTkXZOafGwNaVWdaTh84YiiRxXriHMmyHzDl1nm0eNXU
|
||||
RIZdWOgUEW+F0stn3wPaJg0bun2elBvLQwKCAQBcTaEhnVOJvBxMtM6G6N/rzBLb
|
||||
yQNKPPmMfCK9+TXFMpfsfYqiST/63wRbYIQ0tjiyx+dXb7VawhovCT7AR5Ct+0zW
|
||||
iCG9yUNhbFEXUWUbthdrt1Xr3IBw9NCfYHosTjyOHi0eAn1ORFlD6GNzv27zeQHR
|
||||
nBJwR6/SJOLYNztJLIyQGrK8fBuqaVFf2zaxDwCiPtIRUudbLJPobEyGfszjpvAR
|
||||
nIe1aqh/ONLjBgwkj/6uLI15IDexqoW5j6KyW+MlAqBmqLecOFnfM7ZKW6VHvZpZ
|
||||
me+2Zgxulhq9iRyPHcYDhUzIktH6IF4hYITdLS4IbCezcp4LmHgbyDpxu3+J
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -1,34 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIF5jCCA86gAwIBAgIUIzbfeuRpE4/TdkmJEYNNOA2VoLgwDQYJKoZIhvcNAQEN
|
||||
BQAweTEMMAoGA1UEBhMDVVNBMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
|
||||
Ew1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQKEwRldGNkMRYwFAYDVQQLEw1ldGNkIFNl
|
||||
Y3VyaXR5MRUwEwYDVQQDEwxldGNkLXJvb3QtY2EwHhcNMTcwMTI2MTkxNTAwWhcN
|
||||
MTcwMTI2MjAxNTAwWjB5MQwwCgYDVQQGEwNVU0ExEzARBgNVBAgTCkNhbGlmb3Ju
|
||||
aWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDTALBgNVBAoTBGV0Y2QxFjAUBgNV
|
||||
BAsTDWV0Y2QgU2VjdXJpdHkxFTATBgNVBAMTDGV0Y2Qtcm9vdC1jYTCCAiIwDQYJ
|
||||
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJ/96RuDfbC1rnM+cj1ZgLjwroebbx7N
|
||||
sEVrAZ60zPaqiKQo0e6zSc2Ust2wDMV/rtSV1Cvzbd5U/O86yJJAuBJ++GryUsbf
|
||||
nEJUrOeLBxbEaPyHZW/+m/3RHkuG5KO8Zcps1+Vg0mSfQI+vcDWce90xrB4mQwZ0
|
||||
M4shNZTz7N/KmHCbXJGShoLE8CdHtYLwRPpPCnYU0gV9Y2D4snDqYm2oxBEWunTD
|
||||
WRyCURJSQEHo4BQ8xFUSwmQXXU9JMFcdbbamArWAxpaoNk4dieZ9RgHXUC338/P/
|
||||
GTribAmGIAPvC2OeX8ex9/dprHU1p2i1Vt1WBPY+ZX+vf6SZVU4T+OpI7sLV/YXx
|
||||
JKC0Y1wRffE4m50F0BPi1VDb93s0f1vpZ7STsYOz5GvuToxv0vSoI/0DgOJwJKD3
|
||||
kPzV6LAV/Hf2fKh4t3+WEbZk+TS8AIGkgYNpbcvAdtKPWut6a8IRDppPvhDYfFJn
|
||||
sVCfgJsvJRsgf9H0QtmBZwubCSRE4w48qz61iQPO+tBKtE330WGIHCsiSbYqHbsj
|
||||
53C8RmOwpE/7bIeqMiGPkZ3Sjnx3Q+u8qi2crsHc/y7GsQARCxG2xXpBOppUPznJ
|
||||
Wc3HuZvPmw2eFt50bUvxsoF4VjY+l8SspPEUDQeqdmuYESMRAGnR7lCXdHxWYbfs
|
||||
TZThLgep+wj5AgMBAAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAG
|
||||
AQH/AgECMB0GA1UdDgQWBBRnbPUmgSmUC3API24MQ5x/Xh08xzAfBgNVHSMEGDAW
|
||||
gBRnbPUmgSmUC3API24MQ5x/Xh08xzANBgkqhkiG9w0BAQ0FAAOCAgEAFPoCwCcw
|
||||
ecCkvFTxjJnMI9v+i0VlqgKH5Q8ZAxwsPI+bck5KdUbi7aWTwvlZxM/2WT0NsWGO
|
||||
hKZhsJnOZsRaEmeKV5TD1Ua2urQSXWztjGDn/+6JR47FYIP57d3+w5wYuwwzy2ne
|
||||
4oY4OIOmot9Wqgc1D5yOo9D81Udq6DOfb9DeXqa+UuQGoYu1hLQrgUQATxiYsu8T
|
||||
FNoG7EQihNuIMlBhU/H1rCKtX4aeRXRRl7Rr/p/+AYqNUblnjwowvBGyYEfzO9ag
|
||||
ixO+li3SbpD4SfZwX1T3SQukoOq2iSCnrWDdP9yvx04X8oPxhbAncjxASDfy4l2S
|
||||
vhaks6L10qZkLjWNGA65UVDPgzAWTi/7XCZZ37bP2poLbg+/VbKVvN4PII81NB54
|
||||
Ew9mkS9NwcjWQvjkhVPVGtk/fiYtkl5yrrWswJMW/fQJvipveMZbEW0jLVx28f7n
|
||||
t+hvaKMy1QBr1HG3bVtty/izDVTsHJLbki07NRNkJM8M7zv960/rL8SK4J300Zm1
|
||||
DjxeyipcX1IGnIeBzNT2ASu1cD40T+qwG7hYtSCpGAkBVq4ZnFSGb3yICv5TvUE4
|
||||
WItEf4eaV/dK0f7yu02u+TS22LiFiWU1d1/wL8HX9n8utS2w3g/YXy8GNWahcjiM
|
||||
AlehNnzoyVafYDVvMKNHBfJuaxa5qTQrctY=
|
||||
-----END CERTIFICATE-----
|
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
"signing": {
|
||||
"default": {
|
||||
"usages": [
|
||||
"signing",
|
||||
"key encipherment",
|
||||
"server auth",
|
||||
"client auth"
|
||||
],
|
||||
"expiry": "1h"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,91 +1,31 @@
|
|||
#!/usr/bin/env bash
|
||||
set -e
|
||||
#!/bin/bash
|
||||
|
||||
if ! [[ "$0" =~ "./gencerts.sh" ]]; then
|
||||
echo "must be run from 'fixtures-expired'"
|
||||
exit 255
|
||||
echo "must be run from 'fixtures'"
|
||||
exit 255
|
||||
fi
|
||||
|
||||
if which cfssl >/dev/null; then
|
||||
echo "cfssl is installed; generating certs"
|
||||
else
|
||||
echo "cfssl is not installed; exiting"
|
||||
exit 255
|
||||
if ! which cfssl; then
|
||||
echo "cfssl is not installed"
|
||||
exit 255
|
||||
fi
|
||||
|
||||
cat > ./etcd-root-ca-csr.json <<EOF
|
||||
{
|
||||
"key": {
|
||||
"algo": "rsa",
|
||||
"size": 4096
|
||||
},
|
||||
"names": [
|
||||
{
|
||||
"O": "etcd",
|
||||
"OU": "etcd Security",
|
||||
"L": "San Francisco",
|
||||
"ST": "California",
|
||||
"C": "USA"
|
||||
}
|
||||
],
|
||||
"CN": "etcd-root-ca",
|
||||
"ca": {
|
||||
"expiry": "1h"
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
cfssl gencert --initca=true ./etcd-root-ca-csr.json | cfssljson --bare ./etcd-root-ca
|
||||
|
||||
cat > ./etcd-gencert.json <<EOF
|
||||
{
|
||||
"signing": {
|
||||
"default": {
|
||||
"usages": [
|
||||
"signing",
|
||||
"key encipherment",
|
||||
"server auth",
|
||||
"client auth"
|
||||
],
|
||||
"expiry": "1h"
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
cat > ./server-ca-csr.json <<EOF
|
||||
{
|
||||
"key": {
|
||||
"algo": "rsa",
|
||||
"size": 4096
|
||||
},
|
||||
"names": [
|
||||
{
|
||||
"O": "etcd",
|
||||
"OU": "etcd Security",
|
||||
"L": "San Francisco",
|
||||
"ST": "California",
|
||||
"C": "USA"
|
||||
}
|
||||
],
|
||||
"CN": "example.com",
|
||||
"hosts": [
|
||||
"127.0.0.1",
|
||||
"localhost"
|
||||
]
|
||||
}
|
||||
EOF
|
||||
|
||||
cfssl gencert \
|
||||
--ca ./etcd-root-ca.pem \
|
||||
--ca-key ./etcd-root-ca-key.pem \
|
||||
--config ./etcd-gencert.json \
|
||||
./server-ca-csr.json | cfssljson --bare ./server
|
||||
|
||||
rm ./*.json
|
||||
rm ./*.csr
|
||||
|
||||
cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca
|
||||
mv ca.pem ca.crt
|
||||
if which openssl >/dev/null; then
|
||||
openssl x509 -in ./etcd-root-ca.pem -text -noout
|
||||
openssl x509 -in ./server.pem -text -noout
|
||||
openssl x509 -in ca.crt -noout -text
|
||||
fi
|
||||
|
||||
# generate DNS: localhost, IP: 127.0.0.1, CN: example.com certificates
|
||||
cfssl gencert \
|
||||
--ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr.json | cfssljson --bare ./server
|
||||
mv server.pem server.crt
|
||||
mv server-key.pem server.key.insecure
|
||||
if which openssl >/dev/null; then
|
||||
openssl x509 -in ./server.crt -text -noout
|
||||
fi
|
||||
|
||||
rm -f *.csr *.pem *.stderr *.txt
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
{
|
||||
"key": {
|
||||
"algo": "rsa",
|
||||
"size": 2048
|
||||
},
|
||||
"names": [
|
||||
{
|
||||
"O": "etcd",
|
||||
"OU": "etcd Security",
|
||||
"L": "San Francisco",
|
||||
"ST": "California",
|
||||
"C": "USA"
|
||||
}
|
||||
],
|
||||
"CN": "example.com",
|
||||
"hosts": [
|
||||
"127.0.0.1",
|
||||
"localhost"
|
||||
]
|
||||
}
|
|
@ -1,51 +0,0 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKAIBAAKCAgEArjJG7BkDXGJ7IJeUbt9ilXZl/SqKVYnQQcbAVqKKsZOUTnWl
|
||||
jYgslXIVDJAYUCZ2WNzXrHq6XOY4qbfNjDIdq28hlq+EydMOU9T/1WrFASbiJdrC
|
||||
mFH1XUX9SImDw9qDit2S4bxW5gs+Q6cSRSGyHf+6/DD24NY2VP3qpjwaEByZGZ7K
|
||||
769zRBhoI2sWslilztQKuiVdeTRNqMtCD/Qa4JIiwyzmYOwKEd+kitrsPwUQg/11
|
||||
RNbUHZEy51GCzeZ467DcjnXiGHsAF6ZMznDvPY8GU71JYkBN1Tq8IQVe9yemqk6S
|
||||
UXYoJJnebX3WMvCZ+XLKYWObANQpXxHsu6t68Hkcg5bDTTbg79JAS8co7wf1S3NA
|
||||
3QudhrTf3anvdbtaZFukusQbVnH7qSp5LFTle+Vl7Megy0/juCBL9/xMSpWqUwUl
|
||||
7evfrm/JkVmCoGm2+56uCyrVK9uRRraqp7J19RuNmhunOiURN610DjsisI1eqAHS
|
||||
naDtMluwBc+HEaJWYzJN1JLvGA3ahOyOcv94FZ1msabq20txvp5oHLd7j9TaVGob
|
||||
qSbDGLZGHrm5If/x2+1Dc9O55Om/82Q8r1Qxt+GqVX+TFed7AvBHFTYbBiW5gT8M
|
||||
SqMb91t+MYmC9ChFbWepC35I6zoHX1B1CgV20lr5PH1wYO+k0IdO6ufZYBcCAwEA
|
||||
AQKCAgAMledX4YrDnv3kYe9Af3VA9TfzLaKnAXkBd5mn6MB6if4aGRfn/OGzvnVU
|
||||
3ghTqiO80d/nP0q9sYiAgp4gNfK80x+rIm1Go7ASUH5Xbgpjxepq775FgQ5oOclN
|
||||
91mEygHdA5s8If5pSoCqJKUGR6P11Ocul18O6YstYtcUQZ1kcpyBJF7nKFb8oYLM
|
||||
pE0Uf6EjK2DHCDITsrq1qlHQk0Np3EUUsubGM+eaWP0rZxvQhc4mqyZQ3fCfXkE+
|
||||
Qz5fH/q2lKWqyUuXlzNvgf1koPY4DWBYpoFpztmQwVicTiYJV10MSvb5Wb8WveM7
|
||||
J+9U6NtHEYsbtDWbvrhqfQIMoRwVqxryUj1h/GN95oZ80pFkhcLfBeu045Fyc7Aa
|
||||
gZT/ugC2Jov/+1uxtLe9ZsZeY+MVBuLrUoG5+Q+Tink+uJ3KYn2TltpdiYmSZ7lY
|
||||
s/SnUBGbmSJjpXsbqbcimnsZLX/T8X53UwHRG5eWmGhJBU60kATsFqZmvkYgI3wc
|
||||
yenDQaIx93fwsBWEBn/Ms1XHaYvVIpeQ4eRboIzkNq0Aefyat6MIQPj5tf2Hlb93
|
||||
bRNxoJaX6oiOtCrqfIdqk688pgjTwV5r4z4R+K4FbVRx0VbU0Dfsa4rVsRFidMdg
|
||||
9s+xvS2wYePkjP5m5q574oStRKYuJsaPDJeXLI5XfzKnLa/eUQKCAQEA5bjIhflh
|
||||
P/3yL/EEC4Pr9t655mi0qyxNegllfkuhEEdH6u+ygj4MtJikVUatL5XHylo0KGM1
|
||||
asdJLlOwFYGsOKLk0Vj2BU1b9PljRYyS+8sZvOQOhDbxkl7zrvaezYPbsVd1IX0v
|
||||
Q6fvOh9N5H127LkspHC+G03g6X+nY/+5b5CxaUHke6Cd+fjxiZnAbyzmhgIHohfC
|
||||
7HCzmKfyJPIJgVpDAHaEWIpAVYU5qRwgrWWjx2WftFXF7NaI5KIoMgbqWCLp1A/O
|
||||
eaO3CB/uRn3l4yjBy+paxpYzkS0LtfHMDk/0tPn8/AFt9L6Pjv+KXYhvpsJAqknQ
|
||||
p0RmFEuEh+AQKQKCAQEAwh96H3TdUzRl0TewWL9IbKdeF1IV7PC1dwljevsTYlU5
|
||||
kUztebtHA6XWXNwlKr8VQ1PVTsncB4VlX3bIlbg8fVy90Uu7FQ/dhSczyuZANjz/
|
||||
ocazZi9wk8OG5k6Sgz/EdevsIPnBfdbPPGgxFkSr1CUEOkRwtI7p/F3gjeJviH7j
|
||||
7BYKJje1mln3/r8h3esgeILOmK4/oKpjjRCbhAsU4j8kLFKMgUYdPgpqFzdgzOLO
|
||||
EIoDqTl7anQkbJUoSbenoHF0xWmWG5uaOo4/ORuTr+ZoN4nkZ6D8R6ZQlPpIw4oD
|
||||
WDeoAcSoFgKoczIlBk4lcz5mbwp2UsiLBYXJFH72PwKCAQEAzBd0R9r8dK74KXG2
|
||||
h0iILodIoBTsVpuApeiNPDyS9vRtR6P3c1EPVq+6aGznVrx6iSPE7RDfF2PAd6Ew
|
||||
cpsHWDYYlomz4ZgOF8ItWVAAEiYqUrBG2V47FzC2zP4crjf0ykUKMluWz0P2/Sts
|
||||
t5BkRQJrUBk+POHe7XRVUjmTFTR2+i3pgZB8aearKPXpipxYnjxVbcQwkIG8febP
|
||||
8dT7bumzV0j0YflKGPDI/p6XxZXkgTWfQsdllfowGviaP3/3WaCDH71/UoCKD3TW
|
||||
69fUkxHVw4YNahtt6xAbNGWDRj/xB4yGH5phhyx6PLB5zIl3sK8qZmA4OTNCgctq
|
||||
DpGZqQKCAQBgc+lnBdcOh4Nrj+MERY7Dxek/Zx7Tysovai/OpD/+ZOAkrPd1u7LO
|
||||
QjEflJa3BZiYCmh7LFsyNXqoE0oY8iDEHTeHbbx3+5kSlubqErum92oAxMzQohOq
|
||||
p8U4W6P6qM2B1gZOYCpez0PK/O4e5WIHF5lhJi5l2Hi0VyTC+tZ2GK5A2LaURKvs
|
||||
FHXfUrKOJEzO9BeYz0N4HhE2vyC2XBc1TzA3AZEkjmTrNZt/C5oCU1MV7q1hANms
|
||||
jCao+Pe6oREd7CGcERlvgEIChDkvs98O0EnKBq7BOsD/DMkPLMjIt6Nvyr+kmUT3
|
||||
Irz1991jo6KB/2hAFg+ylEhXJyFBGNBbAoIBAFQhMh25emwXX/L0lEqoo1miDl2U
|
||||
IYUFLl8sasRyZp7PmGuUSyKLMZwJesPvcXb4OL4h4Q+2Esx4nFhTkHjoo22AJWRK
|
||||
ivLiDZHEVN5DKFCfaNoNCMeLi07syLRWl28K5O924lVfsEwISOd5VjuFynNHn5Tu
|
||||
pE/VkfwUtY1owak3k737Yum1bBmUHyP6kJyUGQW0E9yhTcau1OnhU8XSvO+6lClK
|
||||
wOg3RsP3LF3gslrRVgc+R95KOva7Oc2EuJDqoHJ8877+r68cHdJYe3mmb1pPNqC1
|
||||
It+c6mphFAT6frmzkew72FEFzaiSx/Iqiwz4LqoMEnVYN8eVp7hehyGbb8o=
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -0,0 +1,24 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIEEjCCAvqgAwIBAgIUbmmpzabDgRPOJj4EzbN+TfqIVhkwDQYJKoZIhvcNAQEL
|
||||
BQAwbzEMMAoGA1UEBhMDVVNBMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
|
||||
Ew1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQKEwRldGNkMRYwFAYDVQQLEw1ldGNkIFNl
|
||||
Y3VyaXR5MQswCQYDVQQDEwJjYTAeFw0xODA0MDgxNzUzMDBaFw0xODA0MDgxODUz
|
||||
MDBaMHgxDDAKBgNVBAYTA1VTQTETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE
|
||||
BxMNU2FuIEZyYW5jaXNjbzENMAsGA1UEChMEZXRjZDEWMBQGA1UECxMNZXRjZCBT
|
||||
ZWN1cml0eTEUMBIGA1UEAxMLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA
|
||||
A4IBDwAwggEKAoIBAQCxxPIOJV9gc6CjyffN5ylSf7tWrJen8DiyETW5kmDRxnWE
|
||||
RWRIFjcw6EIhyyXE4g5KEhYRqf6uVWY4a97X8xPTT0MwctifDYg2mFEzR4cswcVq
|
||||
AmVG9PluWA5fE7SH0VnX2XJyslyeA/+1JlfowlcRkpCAkKPl/xGwYhBada6cA4zQ
|
||||
YdA7DrNTUdVJt3EGf1wCL4BplcCjK2U53B0neUt5o1IlTwaF2yRpKiCrZ7sH6jI5
|
||||
HugSFRorq65LwFFQPz+RBmNSAEnMF9z6nToQO/S6PYfvcS6od/7UjipaeY9biRq5
|
||||
dgpnd3vr+vnR05z6hSNA/FZz5241SYsvJNFU/irfAgMBAAGjgZwwgZkwDgYDVR0P
|
||||
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
|
||||
Af8EAjAAMB0GA1UdDgQWBBSzO25mJGCt/clSMtYNaX2vhZcVijAfBgNVHSMEGDAW
|
||||
gBSLaEU8nqrYzNEcmi0oZKd1AAFKgTAaBgNVHREEEzARgglsb2NhbGhvc3SHBH8A
|
||||
AAEwDQYJKoZIhvcNAQELBQADggEBAGpOAvnIQ+YHCSYMKl4v9DpZWOoJ3PrG3bFB
|
||||
FomGSIXJitWC4ONljF7o/OsDgOwfBo8L2e/HUSqCoxs4nDf/nzePYtenlL1vFQ4l
|
||||
tajKUTgXKjE55uHhzVWRmcmMNM7yC2dJaoYO+mVwtjLCwvnyNvqG+rUPtk5SXP9t
|
||||
rjVWNsowBSHTVSBoSLNxEI4DRrUvxm20y/E++VXwhliTHGpq+htGz7g7XSNHu7Xo
|
||||
xEkBxRaavZbSEdOR3NPyDPfFAdglnxTk1DQ7DJjznEahegO+pTbID/OY3hrMDVKt
|
||||
YnIt7WzS6KLnUzBOPS1jiyWVUK4QMC5yDAwYU4RH1Pr3XUCNWzk=
|
||||
-----END CERTIFICATE-----
|
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAscTyDiVfYHOgo8n3zecpUn+7VqyXp/A4shE1uZJg0cZ1hEVk
|
||||
SBY3MOhCIcslxOIOShIWEan+rlVmOGve1/MT009DMHLYnw2INphRM0eHLMHFagJl
|
||||
RvT5blgOXxO0h9FZ19lycrJcngP/tSZX6MJXEZKQgJCj5f8RsGIQWnWunAOM0GHQ
|
||||
Ow6zU1HVSbdxBn9cAi+AaZXAoytlOdwdJ3lLeaNSJU8GhdskaSogq2e7B+oyOR7o
|
||||
EhUaK6uuS8BRUD8/kQZjUgBJzBfc+p06EDv0uj2H73EuqHf+1I4qWnmPW4kauXYK
|
||||
Z3d76/r50dOc+oUjQPxWc+duNUmLLyTRVP4q3wIDAQABAoIBADykuAJ1Y10O9O0L
|
||||
GDsosaMQKgN+a1oCDAVK863zro3BixNtbLFeysMnaHAI0kCg8Uj5dIfgGx6zyWRU
|
||||
ADhhFxFOB9i+RQG1ZxNg0MqSix2MmOD6Ijybk3++EGEE4uA2XdTRvEY+bHQHXzMX
|
||||
+oNP0M4Q1rTVIuRyKEGoonWJkeBsj1m4U5q553EWDQv9esXzuwpnZ3/1thxQhZIJ
|
||||
TBSQ/RhD8/9v95+wU3tVVMoqXhAbqjx0122ZF4khZJb6YM7YaHDdstX+own3yejI
|
||||
srvjNH3E3IiY0HZyhg7ohRfRDSoDLZz0F3v3Dd7wGNWkNYU3vtd1A6Y+xM6U9EwO
|
||||
u5taTEkCgYEA63MkVXR0Yd3tlffm1WQxtcVix2vbnNKY88L6GW4/+RYUMAThqQF4
|
||||
L7YwNNqGjLqhp5U5cAydaMunRsOf/wYFYAaUcRWPISCzbgZh5cgr1XPafb2iMNzD
|
||||
xjE/MhG3jjhKP2nA/QUrUd8woEOEq6qUijIiDyTh84rdpZ1K8uIvuuMCgYEAwUj/
|
||||
0I0gbNZB84/whfnfEkt5ZebYs1vKxRHm5xB58PEZTdoTTlZvoTGzn/NJZrOtZOLo
|
||||
abbvB2xlZNBPl36ZMh5561LPnTTP94qGVfsdr83atMG6AHje7/2cw9BddRXSUjlN
|
||||
SEjzhwRf6HklsiVo0QmWSLD0BDeZGtxHgBhNZNUCgYEAiTo5wgi20Fed4tty0Yqt
|
||||
Imlh8iMeA6AG/4PzaqEEbjP9HiOqNmuh1gUUwalf5GPeViM2L+VaVTrlSuw3s1aa
|
||||
CWasW+CZ5E//5C+aHWf2jFkSzliZUGtLO5d2YsNKvXx3YdBMZ+v8XKJ939qaV8d6
|
||||
/bTMfxEbFGwqVR2BEmDcOssCgYBPUTOZU7CwuSQLXVAoyqdeDJbe2GKpB8woHvaQ
|
||||
b9R6qZXmus0dYp8gmRLLWr0OZkGLmwohB68DbtoVCt7+njcjuBn0FeGY86k8Ph5u
|
||||
fkRqdqF/d9hqhS+HcJ26RXF0sOXEVDuApF87UvJApiZv+qYO0k5XujYI3P/5Y9f7
|
||||
mv13mQKBgQCyBOuHxbZWn2Y15Z6w6K7DOdFuxGjM8ATqdJ8NmGPDABlfrSZiTwkf
|
||||
gLY59kZREdl13DzGCVxbk1EGq+KFNTRSovuf7DG7kY0wQcOlQOzLS7fnftJOBw4E
|
||||
jaTx6novxP3dqWlYmuu1BP/foiVvKHnVYobNihe6rKiaLoH3fWotsg==
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -1,35 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIGHDCCBASgAwIBAgIUcGlr9BUSOAwUt3SDhav9yWokZDowDQYJKoZIhvcNAQEN
|
||||
BQAweTEMMAoGA1UEBhMDVVNBMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
|
||||
Ew1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQKEwRldGNkMRYwFAYDVQQLEw1ldGNkIFNl
|
||||
Y3VyaXR5MRUwEwYDVQQDEwxldGNkLXJvb3QtY2EwHhcNMTcwMTI2MTkxNTAwWhcN
|
||||
MTcwMTI2MjAxNTAwWjB4MQwwCgYDVQQGEwNVU0ExEzARBgNVBAgTCkNhbGlmb3Ju
|
||||
aWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDTALBgNVBAoTBGV0Y2QxFjAUBgNV
|
||||
BAsTDWV0Y2QgU2VjdXJpdHkxFDASBgNVBAMTC2V4YW1wbGUuY29tMIICIjANBgkq
|
||||
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArjJG7BkDXGJ7IJeUbt9ilXZl/SqKVYnQ
|
||||
QcbAVqKKsZOUTnWljYgslXIVDJAYUCZ2WNzXrHq6XOY4qbfNjDIdq28hlq+EydMO
|
||||
U9T/1WrFASbiJdrCmFH1XUX9SImDw9qDit2S4bxW5gs+Q6cSRSGyHf+6/DD24NY2
|
||||
VP3qpjwaEByZGZ7K769zRBhoI2sWslilztQKuiVdeTRNqMtCD/Qa4JIiwyzmYOwK
|
||||
Ed+kitrsPwUQg/11RNbUHZEy51GCzeZ467DcjnXiGHsAF6ZMznDvPY8GU71JYkBN
|
||||
1Tq8IQVe9yemqk6SUXYoJJnebX3WMvCZ+XLKYWObANQpXxHsu6t68Hkcg5bDTTbg
|
||||
79JAS8co7wf1S3NA3QudhrTf3anvdbtaZFukusQbVnH7qSp5LFTle+Vl7Megy0/j
|
||||
uCBL9/xMSpWqUwUl7evfrm/JkVmCoGm2+56uCyrVK9uRRraqp7J19RuNmhunOiUR
|
||||
N610DjsisI1eqAHSnaDtMluwBc+HEaJWYzJN1JLvGA3ahOyOcv94FZ1msabq20tx
|
||||
vp5oHLd7j9TaVGobqSbDGLZGHrm5If/x2+1Dc9O55Om/82Q8r1Qxt+GqVX+TFed7
|
||||
AvBHFTYbBiW5gT8MSqMb91t+MYmC9ChFbWepC35I6zoHX1B1CgV20lr5PH1wYO+k
|
||||
0IdO6ufZYBcCAwEAAaOBnDCBmTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
|
||||
KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFE7MTPuM
|
||||
DNH+edtzjnjB+8Tuwx62MB8GA1UdIwQYMBaAFGds9SaBKZQLcA8jbgxDnH9eHTzH
|
||||
MBoGA1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATANBgkqhkiG9w0BAQ0FAAOCAgEA
|
||||
S1Kx/+L5UNAjvXoDWAvFJMIpQcsFhV6vj/sbwxgwXTKjQHOOehEwaaEW735EDmhC
|
||||
4CLgyM94i7eFEGwAVwWpnh6XAfqCMGd32T5aRPktiGqnQ+aAVdC/fgmWWKqA7ix5
|
||||
Bsjg9WbuBZvI1tAIscq7ajeHFBb/mndgP2kRJf8Rd7NH3VsmLHlK6KKwe/ThKvwZ
|
||||
IRTfN7ABWzKq/MmGUOWuBiQaLM7DT05m3ISpN3YCHJL4HRjLz6WZ9vP3GLDcrC8H
|
||||
a7TPizjB3/+y++htnDBhVAAVl4GgolRZzjkzERxDZlvyY7T8sfq9a+9GGHgRXB8v
|
||||
9wWOYph2r8K1aPaVPw88cri9l993g+vWgKhEse+JoiHgcyCp2VjnM6cpMhCPktBp
|
||||
YBZ/jBma5EQoLIdBFmDcH/tVs6l6o/9J3q2x+fPZYZkvyuUbxb+TdRZllCqx1myy
|
||||
YxCGTLdjWEHQbdcVc8totLPgJik2LjFoPAvYgrqO0o3vTz1oagLbwie4D2uK9Ats
|
||||
pu4KxGCsDtzyf/w9sBZti/ovIgttB7IxeFWZYIWVRCkJkre9rm8qmaCmMY2FvBDY
|
||||
nBSTldaLpHAryjleyu/WYdqW8Qc+EqIPCzCvJkrKfhZEN7AT7vFwmvnOjJetFdEL
|
||||
UNJ3wyITBZtiMRAInMkRi3zFeHTVqaockL/FoplkY4Q=
|
||||
-----END CERTIFICATE-----
|
|
@ -1,42 +1,44 @@
|
|||
#!/bin/bash
|
||||
|
||||
if ! [[ "$0" =~ "./gencerts.sh" ]]; then
|
||||
echo "must be run from 'fixtures'"
|
||||
exit 255
|
||||
echo "must be run from 'fixtures'"
|
||||
exit 255
|
||||
fi
|
||||
|
||||
if ! which cfssl; then
|
||||
echo "cfssl is not installed"
|
||||
exit 255
|
||||
echo "cfssl is not installed"
|
||||
exit 255
|
||||
fi
|
||||
|
||||
cfssl gencert --initca=true ./ca-csr.json | cfssljson --bare ./ca
|
||||
mv ca.pem ca.crt
|
||||
openssl x509 -in ca.crt -noout -text
|
||||
if which openssl >/dev/null; then
|
||||
openssl x509 -in ca.crt -noout -text
|
||||
fi
|
||||
|
||||
# generate DNS: localhost, IP: 127.0.0.1, CN: example.com certificates
|
||||
cfssl gencert \
|
||||
--ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr.json | cfssljson --bare ./server
|
||||
--ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr.json | cfssljson --bare ./server
|
||||
mv server.pem server.crt
|
||||
mv server-key.pem server.key.insecure
|
||||
|
||||
# generate DNS: localhost, IP: 127.0.0.1, CN: example2.com certificates
|
||||
cfssl gencert \
|
||||
--ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr2.json | cfssljson --bare ./server2
|
||||
--ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr2.json | cfssljson --bare ./server2
|
||||
mv server2.pem server2.crt
|
||||
mv server2-key.pem server2.key.insecure
|
||||
|
||||
# generate revoked certificates and crl
|
||||
cfssl gencert --ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr.json 2>revoked.stderr | cfssljson --bare ./server-revoked
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr.json 2>revoked.stderr | cfssljson --bare ./server-revoked
|
||||
mv server-revoked.pem server-revoked.crt
|
||||
mv server-revoked-key.pem server-revoked.key.insecure
|
||||
grep serial revoked.stderr | awk ' { print $9 } ' >revoke.txt
|
||||
|
@ -44,10 +46,10 @@ cfssl gencrl revoke.txt ca.crt ca-key.pem | base64 --decode >revoke.crl
|
|||
|
||||
# generate wildcard certificates DNS: *.etcd.local
|
||||
cfssl gencert \
|
||||
--ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr-wildcard.json | cfssljson --bare ./server-wildcard
|
||||
--ca ./ca.crt \
|
||||
--ca-key ./ca-key.pem \
|
||||
--config ./gencert.json \
|
||||
./server-ca-csr-wildcard.json | cfssljson --bare ./server-wildcard
|
||||
mv server-wildcard.pem server-wildcard.crt
|
||||
mv server-wildcard-key.pem server-wildcard.key.insecure
|
||||
|
||||
|
|
Loading…
Reference in New Issue