~damien/infrastructure

ref: 39fd996bc0dfb8886c7b611d847c18af208c30cf infrastructure/tools/issue-cert -rwxr-xr-x 523 bytes
39fd996b — Damien Radtke Add tool for issuing certs from the support server 10 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
#!/usr/bin/env bash
#
# Issue a new certificate using one of the available CAs.
#
# Example:
#
#   $ issue-cert nomad nomad-cli
#

if [[ $# -ne 2 ]]; then
	echo "usage: $0 <ca> <cert-name>"
	exit 1
fi

CA="$1"
NAME="$2"

RESPONSE=$(echo '{}' | sudo `which cfssl` gencert -config /etc/ssl/cfssl.json -ca "/etc/ssl/${CA}/ca.pem" -ca-key "/etc/ssl/${CA}/ca-key.pem" -)
echo "${RESPONSE}" | jq -r .cert > "${NAME}.pem"; chmod 0444 "${NAME}.pem"
echo "${RESPONSE}" | jq -r .key > "${NAME}-key.pem"; chmod 0400 "${NAME}-key.pem"