postgres/timescaledb
1
0
Fork 0
mirror of https://github.com/timescale/timescaledb.git synced 2025-05-16 02:23:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
timescaledb/scripts/generate_data_node_cert.sh
Dmitry Simonenko f7a39c6deb Support SSL with Certificate Based Authentication 
Add a tunable way to support SSL connections to data nodes
with optional certificate based authentication.

Switch test suite to use pre-generated certificates.
2020-05-27 17:31:09 +02:00

33 lines
853 B
Bash
Executable File
Raw Blame History

#!/bin/sh
CA_FILE_PREFIX=${CA_FILE_PREFIX:-ts_ca}
CA_KEY=${CA_KEY:-${CA_FILE_PREFIX}.key}
CA_CRT=${CA_CRT:-${CA_FILE_PREFIX}.crt}
CA_SRL=${CA_SRL:-${CA_FILE_PREFIX}.srl}
DN_FILE_PREFIX=${DN_FILE_PREFIX:-ts_data_node}
DN_HOSTNAME=${DN_HOSTNAME:-localhost}
DN_KEY=${DN_KEY:-${DN_FILE_PREFIX}.key}
DN_CRT=${DN_CRT:-${DN_FILE_PREFIX}.crt}
DN_CSR=${DN_CSR:-${DN_FILE_PREFIX}.csr}
DN_SRL=${DN_SRL:-${DN_FILE_PREFIX}.srl}
# Generate data node private key
openssl genrsa -out ${DN_KEY} 2048
# Request CA to sign data node key
openssl req -new -nodes -key ${DN_KEY} \
-subj "/C=SE/ST=Stockholm/L=Stockholm/O=${DN_HOSTNAME}/CN=${DN_HOSTNAME}" \
-out ${DN_CSR}
# Sign data node key with CA private key
openssl x509 -days 1095 \
-req -in ${DN_CSR} \
-CA ${CA_CRT} \
-CAkey ${CA_KEY} -CAcreateserial \
-out ${DN_CRT}
# Clean up
rm -f ${DN_CSR}
rm -f ${CA_SRL}
Reference in New Issue View Git Blame Copy Permalink