postgres/timescaledb
1
0
Fork 0
mirror of https://github.com/timescale/timescaledb.git synced 2025-05-15 01:53:41 +08:00
Code Issues Packages Projects Releases Wiki Activity
timescaledb/scripts/generate_data_node_cert.sh
Sven Klemm be429eb3d9 Regenerate SSL certs 
The SSL certs used for testing expired today. This patch adds new
certificates that last for 100 years.
2022-08-11 20:11:10 +02:00

33 lines
854 B
Bash
Executable File
Raw Blame History

#!/bin/sh
CA_FILE_PREFIX=${CA_FILE_PREFIX:-ts_ca}
CA_KEY=${CA_KEY:-${CA_FILE_PREFIX}.key}
CA_CRT=${CA_CRT:-${CA_FILE_PREFIX}.crt}
CA_SRL=${CA_SRL:-${CA_FILE_PREFIX}.srl}
DN_FILE_PREFIX=${DN_FILE_PREFIX:-ts_data_node}
DN_HOSTNAME=${DN_HOSTNAME:-localhost}
DN_KEY=${DN_KEY:-${DN_FILE_PREFIX}.key}
DN_CRT=${DN_CRT:-${DN_FILE_PREFIX}.crt}
DN_CSR=${DN_CSR:-${DN_FILE_PREFIX}.csr}
DN_SRL=${DN_SRL:-${DN_FILE_PREFIX}.srl}
# Generate data node private key
openssl genrsa -out ${DN_KEY} 2048
# Request CA to sign data node key
openssl req -new -nodes -key ${DN_KEY} \
-subj "/C=SE/ST=Stockholm/L=Stockholm/O=${DN_HOSTNAME}/CN=${DN_HOSTNAME}" \
-out ${DN_CSR}
# Sign data node key with CA private key
openssl x509 -days 36500 \
-req -in ${DN_CSR} \
-CA ${CA_CRT} \
-CAkey ${CA_KEY} -CAcreateserial \
-out ${DN_CRT}
# Clean up
rm -f ${DN_CSR}
rm -f ${CA_SRL}
Reference in New Issue View Git Blame Copy Permalink