diff --git a/.gitignore b/.gitignore index cf4b5ba..87ad714 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ bin/ _dist/ +*.pem + diff --git a/ca-config.json b/ca-config.json new file mode 100644 index 0000000..0ab5e41 --- /dev/null +++ b/ca-config.json @@ -0,0 +1,18 @@ +{ + "signing": { + "default": { + "expiry": "8760h" + }, + "profiles": { + "server": { + "usages": [ + "signing", + "key encipherment", + "server auth", + "client auth" + ], + "expiry": "8760h" + } + } + } +} \ No newline at end of file diff --git a/ca-csr.json b/ca-csr.json new file mode 100644 index 0000000..4de2ae8 --- /dev/null +++ b/ca-csr.json @@ -0,0 +1,16 @@ +{ + "CN": "filter-proxy", + "key": { + "algo": "ecdsa", + "size": 521 + }, + "names": [ + { + "C": "NL", + "L": "Utrecht", + "O": "filter-proxy", + "OU": "CA", + "ST": "Utrecht" + } + ] +} \ No newline at end of file diff --git a/ca.csr b/ca.csr new file mode 100644 index 0000000..6aae2b1 --- /dev/null +++ b/ca.csr @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBrzCCARECAQAwbDELMAkGA1UEBhMCTkwxEDAOBgNVBAgTB1V0cmVjaHQxEDAO +BgNVBAcTB1V0cmVjaHQxFTATBgNVBAoTDGZpbHRlci1wcm94eTELMAkGA1UECxMC +Q0ExFTATBgNVBAMTDGZpbHRlci1wcm94eTCBmzAQBgcqhkjOPQIBBgUrgQQAIwOB +hgAEAef39QdoA3I0Xc8pLn2FF2Cc5CfHJT2Rw+a6KYA2QYcpYAdx+R8pS5LWJaP0 +64YX4WpY/njhRYWmnLZrOyNfJSI6Admt1KF1f84LfkZ/dsN3GJMLG7TLWdEr/2ge +39PfuOSdf+HfCGhV9OLKBTUSjbz1Z5CvYlRdwXk07APV3oxG1vHGoAAwCgYIKoZI +zj0EAwQDgYsAMIGHAkIBQiNkyrERITdHttNCUuLZbxaXF7S/hpbDmXtU7cCMLGQW +bTI3yEtsaVUFID1HQZlrwzmvOzcqzUWc8MzF0HlXk0gCQSUDnUSHgowPyjDQBgaa +QFnkS6CG5fRj/54aQsnV4Xeofaz4+gpvPnSAAX6TuCLCfS4oz27h1iRf8iy8L+/x +Tv7B +-----END CERTIFICATE REQUEST----- diff --git a/generate-tls.sh b/generate-tls.sh new file mode 100755 index 0000000..6461981 --- /dev/null +++ b/generate-tls.sh @@ -0,0 +1,9 @@ +#!/bin/bash +cfssl gencert -initca ca-csr.json | cfssljson -bare ca + +cfssl gencert \ + -ca=ca.pem \ + -ca-key=ca-key.pem \ + -config=ca-config.json \ + -profile=server \ + tls-csr.json | cfssljson -bare tls \ No newline at end of file diff --git a/tls-csr.json b/tls-csr.json new file mode 100644 index 0000000..ab952f4 --- /dev/null +++ b/tls-csr.json @@ -0,0 +1,19 @@ +{ + "CN": "localhost", + "hosts": [ + "localhost" + ], + "key": { + "algo": "rsa", + "size": 2048 + }, + "names": [ + { + "C": "NL", + "L": "Utrecht", + "O": "filter-proxy", + "OU": "localhost", + "ST": "Utrecht" + } + ] +} \ No newline at end of file diff --git a/tls.csr b/tls.csr new file mode 100644 index 0000000..ac0f69f --- /dev/null +++ b/tls.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC3DCCAcQCAQAwcDELMAkGA1UEBhMCTkwxEDAOBgNVBAgTB1V0cmVjaHQxEDAO +BgNVBAcTB1V0cmVjaHQxFTATBgNVBAoTDGZpbHRlci1wcm94eTESMBAGA1UECxMJ +bG9jYWxob3N0MRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDN8b7Szo+f8b5U2EymmQzKgGxxGcDuTBnZ92KrkVQRTn0Q +5ZUKFBZIa+I+zm9acszF8Sz0vXf4DQz1K5tZdY9OjrMaHuTuChF6PIbzoOhmKWxB +/kKc1mwsyAULviOqu/BaqDj7kdlvJWXPqrA7YhCXimF62wAnTnPoI7IXuk1oOEIL +Sm6zus/IBDWienBOdapm9LDG7My8h1xFcU8M0T8mDqhV/tgcoxjR+sT9OkoaLTL6 +TJvtr25ANuey+U40iX4ucWTGAvO+82vDgFN6Kbohq9PAzCVbhl57qKelJC13z4x+ +2pKJ9FYJp/+Cqn4wxKXE1RtjmbvGHVAUnGagC/vdAgMBAAGgJzAlBgkqhkiG9w0B +CQ4xGDAWMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAQEA +O7OzflCaTtoDOqeE4zG5Fx3egF2TL1HI0kjVUH8j3QBhWJbzeNPHZloreHrHKPbv +xKisgT5KmrN81rW510YOs62sdZaf9E+WC4+qPWR4+0+oh/RDJxwznBYf3mbzQ484 +zr2tKsrOTWnSM82N0/rNpOYXLpCJzHyQmzbIfrE9UAd1AUVLNAHUj9PCVfkqCNWK +8h04+77wpmhSKy8Lninh7Y0hD+7MWh8r9smC3GfblxxYAMpCKiqhEyjkZH+b5R3S +D+aevNXdV9819DDM8+fjnnzOjy2v1nb8V+gpZklZl6oAP1vd0AqNUfgyc2YBe5+w +w+ChpBSxl+jJqu86+CMhRg== +-----END CERTIFICATE REQUEST-----