Add more certs generation. Update README.
This commit is contained in:
parent
57fc9ae7f7
commit
132f86d659
6
README
6
README
@ -1,7 +1,7 @@
|
||||
Certificates creation:
|
||||
./create_conf.sh
|
||||
The file ca.key can only be found in the encrypted archive for secrets.
|
||||
|
||||
Then store the directory conf/ in the encrypted archive for secrets.
|
||||
Certificates are created as below and the directory conf is stored in the encrypted archive for secrets:
|
||||
./create_conf.sh
|
||||
|
||||
Two docker-compose files are provided: one in host mode and one for regular docker network.
|
||||
|
||||
|
@ -13,9 +13,11 @@ openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -CAcreateserial -extension
|
||||
openssl req -nodes -new -keyout client2.key -out client2.csr -subj "/C=FR/O=scimetis/CN=serveur-appart.scimetis.net" -reqexts usr_cert -config ../openssl.conf
|
||||
openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -CAcreateserial -extensions usr_cert -extfile ../openssl.conf -in client2.csr -out client2.crt
|
||||
|
||||
NAME=modane
|
||||
for NAME in modane Y10
|
||||
do
|
||||
openssl req -nodes -new -keyout ${NAME}.key -out ${NAME}.csr -subj "/C=FR/O=scimetis/CN=${NAME}.scimetis.net" -reqexts usr_cert -config ../openssl.conf
|
||||
openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -CAcreateserial -extensions usr_cert -extfile ../openssl.conf -in ${NAME}.csr -out ${NAME}.crt
|
||||
done
|
||||
|
||||
chcon -R -u system_u -r object_r -t svirt_sandbox_file_t ./
|
||||
mkdir keys
|
||||
|
Loading…
Reference in New Issue
Block a user