KAZ/kaz-vagrant
2
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Certif avec CN via mkcert

Browse Source
This commit is contained in:
gael 2023-03-15 01:34:57 +01:00
parent a2c2105019
commit 9f53cc86f5
1 changed files with 25 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
files/vm-provision.sh
View File

@ -148,11 +148,33 @@ EOF
export CAROOT=/etc/letsencrypt/local/ export CAROOT=/etc/letsencrypt/local/
/root/mkcert/mkcert -install # CA dans /etc/letsencrypt/local/ /root/mkcert/mkcert -install # CA dans /etc/letsencrypt/local/
cd "${CAROOT}" cd "${CAROOT}"
/root/mkcert/mkcert "*.kaz.sns" # cert et clé dans /etc/letsencrypt/local/ cat > "${CAROOT}/kaz.sns.cnf" <<EOF
[ req ]
prompt = no
distinguished_name = dn
req_extensions = req_ext
[ dn ]
CN = *.kaz.sns
emailAddress = admin@kaz.sns
O = KAZ
OU = Dev
L = Vannes
ST = France
C = FR
[ req_ext ]
subjectAltName = @alt_names
[alt_names]
DNS.0 = *.kaz.sns
EOF
openssl req -new -newkey rsa:2048 -sha256 -nodes -keyout kaz.sns.key -out kaz.sns.csr -config kaz.sns.cnf
/root/mkcert/mkcert -csr "${CAROOT}/kaz.sns.csr" # cert et clé dans /etc/letsencrypt/local/
mkdir -p /etc/letsencrypt/live/kaz.sns/ mkdir -p /etc/letsencrypt/live/kaz.sns/
ln -s ../../local/_wildcard.kaz.sns.pem /etc/letsencrypt/live/kaz.sns/fullchain.pem ln -s ../../local/_wildcard.kaz.sns.pem /etc/letsencrypt/live/kaz.sns/fullchain.pem
ln -s ../../local/_wildcard.kaz.sns-key.pem /etc/letsencrypt/live/kaz.sns/privkey.pem ln -s ../../local/kaz.sns.key /etc/letsencrypt/live/kaz.sns/privkey.pem
fi fi
# Cache docker registry # Cache docker registry