Certif avec CN via mkcert
This commit is contained in:
parent
a2c2105019
commit
9f53cc86f5
@ -148,11 +148,33 @@ EOF
|
||||
export CAROOT=/etc/letsencrypt/local/
|
||||
/root/mkcert/mkcert -install # CA dans /etc/letsencrypt/local/
|
||||
cd "${CAROOT}"
|
||||
/root/mkcert/mkcert "*.kaz.sns" # cert et clé dans /etc/letsencrypt/local/
|
||||
cat > "${CAROOT}/kaz.sns.cnf" <<EOF
|
||||
[ req ]
|
||||
prompt = no
|
||||
distinguished_name = dn
|
||||
req_extensions = req_ext
|
||||
|
||||
[ dn ]
|
||||
CN = *.kaz.sns
|
||||
emailAddress = admin@kaz.sns
|
||||
O = KAZ
|
||||
OU = Dev
|
||||
L = Vannes
|
||||
ST = France
|
||||
C = FR
|
||||
|
||||
[ req_ext ]
|
||||
subjectAltName = @alt_names
|
||||
|
||||
[alt_names]
|
||||
DNS.0 = *.kaz.sns
|
||||
EOF
|
||||
openssl req -new -newkey rsa:2048 -sha256 -nodes -keyout kaz.sns.key -out kaz.sns.csr -config kaz.sns.cnf
|
||||
/root/mkcert/mkcert -csr "${CAROOT}/kaz.sns.csr" # cert et clé dans /etc/letsencrypt/local/
|
||||
|
||||
mkdir -p /etc/letsencrypt/live/kaz.sns/
|
||||
ln -s ../../local/_wildcard.kaz.sns.pem /etc/letsencrypt/live/kaz.sns/fullchain.pem
|
||||
ln -s ../../local/_wildcard.kaz.sns-key.pem /etc/letsencrypt/live/kaz.sns/privkey.pem
|
||||
ln -s ../../local/kaz.sns.key /etc/letsencrypt/live/kaz.sns/privkey.pem
|
||||
fi
|
||||
|
||||
# Cache docker registry
|
||||
|
Loading…
Reference in New Issue
Block a user