From d03afcfd5069ce3a816aa50b71d7476a13e374fa Mon Sep 17 00:00:00 2001 From: AYM1607 Date: Wed, 11 Aug 2021 18:28:38 -0500 Subject: [PATCH] Add config and makefile command to generate CA and client/server certs. --- Makefile | 29 +++++++++++++++++++++++++++++ certs/ca-config.json | 14 ++++++++++++++ certs/ca-csr.json | 16 ++++++++++++++++ certs/client-csr.json | 17 +++++++++++++++++ certs/server-csr.json | 17 +++++++++++++++++ 5 files changed, 93 insertions(+) create mode 100644 certs/ca-config.json create mode 100644 certs/ca-csr.json create mode 100644 certs/client-csr.json create mode 100644 certs/server-csr.json diff --git a/Makefile b/Makefile index 19a3069..35c0405 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,31 @@ +CONFIG_PATH=${HOME}/.proglog/ + +.PHONY: init +init: + mkdir -p ${CONFIG_PATH} + +.PHONY: gencert +gencert: + cfssl gencert \ + -initca certs/ca-csr.json | cfssljson -bare ca + + cfssl gencert \ + -ca=ca.pem \ + -ca-key=ca-key.pem \ + -config=certs/ca-config.json \ + -profile=server \ + certs/server-csr.json | cfssljson -bare server + + cfssl gencert \ + -ca=ca.pem \ + -ca-key=ca-key.pem \ + -config=certs/ca-config.json \ + -profile=client \ + certs/client-csr.json | cfssljson -bare client + + mv *.pem *.csr ${CONFIG_PATH} + +.PHONY: compile compile: protoc api/v1/*.proto \ --go_out=. \ @@ -6,5 +34,6 @@ compile: --go-grpc_opt=paths=source_relative \ --proto_path=. +.PHONY: test test: go test -race ./... diff --git a/certs/ca-config.json b/certs/ca-config.json new file mode 100644 index 0000000..eabead0 --- /dev/null +++ b/certs/ca-config.json @@ -0,0 +1,14 @@ +{ + "signing": { + "profiles": { + "server": { + "expiry": "8760h", + "usages": ["signing", "key encipherment", "server auth"] + }, + "client": { + "expiry": "8760h", + "usages": ["signing", "key encipherment", "client auth"] + } + } + } +} diff --git a/certs/ca-csr.json b/certs/ca-csr.json new file mode 100644 index 0000000..ccec7dd --- /dev/null +++ b/certs/ca-csr.json @@ -0,0 +1,16 @@ +{ + "CN": "Mariano's CA", + "key": { + "algo": "rsa", + "size": 2048 + }, + "names": [ + { + "C": "MX", + "ST": "NL", + "L": "MTY", + "O": "AYM Consulting", + "OU": "CA Services" + } + ] +} diff --git a/certs/client-csr.json b/certs/client-csr.json new file mode 100644 index 0000000..bcde403 --- /dev/null +++ b/certs/client-csr.json @@ -0,0 +1,17 @@ +{ + "CN": "client", + "hosts": [""], + "key": { + "algo": "rsa", + "size": 2048 + }, + "names": [ + { + "C": "MX", + "ST": "NL", + "L": "MTY", + "O": "AYM Consulting", + "OU": "Distributed Services" + } + ] +} diff --git a/certs/server-csr.json b/certs/server-csr.json new file mode 100644 index 0000000..04a630c --- /dev/null +++ b/certs/server-csr.json @@ -0,0 +1,17 @@ +{ + "CN": "127.0.0.1", + "hosts": ["localhost", "127.0.0.1"], + "key": { + "algo": "rsa", + "size": 2048 + }, + "names": [ + { + "C": "MX", + "ST": "NL", + "L": "MTY", + "O": "AYM Consulting", + "OU": "Distributed services" + } + ] +}