1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
#!/bin/bash
# Copyright The OpenTelemetry Authors
# SPDX-License-Identifier: Apache-2.0
set -e
which cfssl
which cfssljson
cfssl version
cfssljson -version
echo "Generating CA"
cfssl genkey -initca ca_csr.json | cfssljson -bare ca
echo "Generating CLIENT CERT"
cfssl gencert -ca ca.pem -ca-key ca-key.pem client_csr.json | cfssljson -bare client_cert
echo "Generating SERVER CERT"
cfssl gencert -ca ca.pem -ca-key ca-key.pem server_csr.json | cfssljson -bare server_cert
echo "Generating CA B"
cfssl genkey -initca ca_csr_b.json | cfssljson -bare ca_b
echo "Generating CLIENT CERT B"
cfssl gencert -ca ca_b.pem -ca-key ca_b-key.pem client_csr_b.json | cfssljson -bare client_cert_b
echo "Generating SERVER CERT B"
cfssl gencert -ca ca_b.pem -ca-key ca_b-key.pem server_csr_b.json | cfssljson -bare server_cert_b
echo "UNREADABLE" > unreadable.pem
chmod 0 unreadable.pem
# Needed to copy this key inside docker (different owner)
chmod +r server_cert-key.pem
# Debug
ls -l
|
