add title
This commit is contained in:
parent
27f2718ec5
commit
1a3e7918b2
13
README.md
13
README.md
|
@ -1,6 +1,9 @@
|
||||||
A small HTTP(S)[*] API that accepts X509 CSRs and signs them if they
|
# Certifix
|
||||||
contain the magic number (specifically, if they have a custom
|
|
||||||
`challengePassword` attribute containing a pre-agreed value)
|
Not an Asterix character. A small HTTP(S)[*] API that accepts X509
|
||||||
|
CSRs and signs them if they contain the magic number (specifically, if
|
||||||
|
they have a custom `challengePassword` attribute containing a
|
||||||
|
pre-agreed value)
|
||||||
|
|
||||||
Modelled on the Puppet CA "Policy-based autosigning" functionality,
|
Modelled on the Puppet CA "Policy-based autosigning" functionality,
|
||||||
but without the rest of Puppet
|
but without the rest of Puppet
|
||||||
|
@ -32,11 +35,11 @@ echo 'urban cookie collective' > psk
|
||||||
chmod 0700 psk
|
chmod 0700 psk
|
||||||
|
|
||||||
# create CA key and cert
|
# create CA key and cert
|
||||||
openssl genrsa -out ca.key 4096
|
openssl genrsa -out ca.key 4096
|
||||||
CN=CA openssl req -config openssl.cnf -x509 -new -nodes -key ca.key -sha256 -days 3650 -out ca.crt
|
CN=CA openssl req -config openssl.cnf -x509 -new -nodes -key ca.key -sha256 -days 3650 -out ca.crt
|
||||||
|
|
||||||
# create client CSR
|
# create client CSR
|
||||||
CN=rotuer openssl req -config openssl.cnf -newkey rsa:2048 -nodes -keyout client.key -out client.csr
|
CN=rotuer openssl req -config openssl.cnf -newkey rsa:2048 -nodes -keyout client.key -out client.csr
|
||||||
|
|
||||||
# start the server
|
# start the server
|
||||||
bin/certifix
|
bin/certifix
|
||||||
|
|
Loading…
Reference in New Issue