compose/traefik/config/ca/setup.sh

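#!/usr/bin/env bash
#
# Creates a self-signed CA and one client certificate for mutual TLS (mTLS),
# then exports the client identity as PKCS#12 bundles.
#
# All files are written to the current working directory:
#   ca.key, ca.crt, ca.srl      CA private key, CA certificate, serial file
#   client.key, client.csr      client private key and signing request
#   client.crt                  client certificate signed by the CA
#   client.p12                  client key + certificate
#   client-with-ca.p12          client key + certificate + CA certificate
#
# Optional environment overrides:
#   CA_SUBJ      subject DN of the CA certificate
#   CLIENT_SUBJ  subject DN of the client certificate
#
# NOTE: running this again overwrites ca.key/ca.crt, which invalidates every
# client certificate issued by the previous CA.

# Stop at the first failing step so a later command never runs against a
# missing or half-written key or certificate.
set -euo pipefail

# Private keys and .p12 bundles must not be readable by other local users,
# whatever file mode the installed OpenSSL version would pick by default.
umask 077

readonly ca_subj="${CA_SUBJ:-/C=US/O=OrganizationName/CN=CommonName}"
# The client subject must differ from the CA subject: a leaf whose subject
# equals its issuer looks self-issued, and some verifiers then reject the
# chain as "self-signed" instead of validating it against the CA.
readonly client_subj="${CLIENT_SUBJ:-/C=US/O=OrganizationName/CN=client-app-01}"

# 1. Generate a self-signed mTLS CA certificate.
#    -nodes leaves ca.key unencrypted on disk; anyone who can read it can
#    mint client certificates that the server will trust.
openssl req -new -x509 -nodes -sha256 -days 3650 -newkey rsa:4096 \
  -keyout ca.key -out ca.crt \
  -subj "$ca_subj"

# 2. Create the client private key (RSA 4096).
openssl genrsa -out client.key 4096

# 3. Create the client certificate signing request (CSR).
openssl req -new -sha256 \
  -key client.key -out client.csr \
  -subj "$client_subj"

# 4. Sign the client certificate with the CA.
openssl x509 -req -sha256 -days 730 \
  -in client.csr -CA ca.crt -CAkey ca.key \
  -CAcreateserial -out client.crt

# Certificates are public material; keep them readable for the process that
# consumes them even though the umask above is restrictive.
chmod 0644 ca.crt client.crt

# Export a PKCS#12/.p12 bundle (without the certificate chain).
# openssl prompts for an export password; the bundle contains client.key,
# so do not leave the password empty.
openssl pkcs12 -export \
  -inkey client.key -in client.crt \
  -out client.p12 -name "client-app-01"

# Export a PKCS#12/.p12 bundle (with the certificate chain).
openssl pkcs12 -export \
  -inkey client.key -in client.crt -certfile ca.crt \
  -out client-with-ca.p12 -name "client-app-01"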