From 93d259ddc7ae3ac366797f5fe147a312a44627f5 Mon Sep 17 00:00:00 2001
From: Dipjyoti Metia
Date: Sun, 31 Mar 2024 01:19:28 +1100
Subject: [PATCH] cleanup
---
script/certs-docker/Dockerfile | 23 -----------------
script/certs-docker/ca-config.json | 34 -------------------------
script/certs-docker/ca-csr.json | 17 -------------
script/certs-docker/client.json | 10 --------
script/certs-docker/peer.json | 11 --------
script/certs-docker/readme.md | 41 ------------------------------
script/certs-docker/server.json | 11 --------
7 files changed, 147 deletions(-)
delete mode 100644 script/certs-docker/Dockerfile
delete mode 100644 script/certs-docker/ca-config.json
delete mode 100644 script/certs-docker/ca-csr.json
delete mode 100644 script/certs-docker/client.json
delete mode 100644 script/certs-docker/peer.json
delete mode 100644 script/certs-docker/readme.md
delete mode 100644 script/certs-docker/server.json
diff --git a/script/certs-docker/Dockerfile b/script/certs-docker/Dockerfile
deleted file mode 100644
index 4c6fe10..0000000
--- a/script/certs-docker/Dockerfile
+++ /dev/null
@@ -1,23 +0,0 @@
-FROM cfssl/cfssl AS cfssl
-
-LABEL author="Dipjyoti Metia"
-LABEL version="1.0"
-
-
-WORKDIR /app
-
-COPY *.json /app/
-
-# Generate the certificates
-RUN cfssl gencert -initca ca-csr.json | cfssljson -bare ca -
-RUN cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=peer peer.json | cfssljson -bare peer
-RUN cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server server.json | cfssljson -bare server
-RUN cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client client.json | cfssljson -bare client
-
-FROM debian:12-slim
-
-COPY --from=cfssl /app/*.pem /app/*.csr /certs/
-
-WORKDIR /certs
-
-CMD ["cp", "-R", "/certs", "/certs_volume"]
\ No newline at end of file
diff --git a/script/certs-docker/ca-config.json b/script/certs-docker/ca-config.json
deleted file mode 100644
index ef269df..0000000
--- a/script/certs-docker/ca-config.json
+++ /dev/null
@@ -1,34 +0,0 @@
-{
- "signing": {
- "default": {
- "expiry": "43800h"
- },
- "profiles": {
- "server": {
- "expiry": "43800h",
- "usages": [
- "signing",
- "key encipherment",
- "server auth"
- ]
- },
- "client": {
- "expiry": "43800h",
- "usages": [
- "signing",
- "key encipherment",
- "client auth"
- ]
- },
- "peer": {
- "expiry": "43800h",
- "usages": [
- "signing",
- "key encipherment",
- "server auth",
- "client auth"
- ]
- }
- }
- }
-}
\ No newline at end of file
diff --git a/script/certs-docker/ca-csr.json b/script/certs-docker/ca-csr.json
deleted file mode 100644
index 695df2f..0000000
--- a/script/certs-docker/ca-csr.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
- "CN": "docker.event",
- "key": {
- "algo": "rsa",
- "size": 2048
- },
- "names": [
- {
- "C": "Australia",
- "L": "Melbourne",
- "O": "Open Source",
- "OU": "IT Department",
- "ST": "VIC"
- }
- ]
- }
-
\ No newline at end of file
diff --git a/script/certs-docker/client.json b/script/certs-docker/client.json
deleted file mode 100644
index 707e09b..0000000
--- a/script/certs-docker/client.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "CN": "client",
- "key": {
- "algo": "rsa",
- "size": 2048
- },
- "hosts": [
- "localhost"
- ]
-}
\ No newline at end of file
diff --git a/script/certs-docker/peer.json b/script/certs-docker/peer.json
deleted file mode 100644
index 84ea00b..0000000
--- a/script/certs-docker/peer.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "CN": "peer",
- "key": {
- "algo": "rsa",
- "size": 2048
- },
- "hosts": [
- "localhost",
- "192.168.0.1"
- ]
-}
\ No newline at end of file
diff --git a/script/certs-docker/readme.md b/script/certs-docker/readme.md
deleted file mode 100644
index 39a4fc8..0000000
--- a/script/certs-docker/readme.md
+++ /dev/null
@@ -1,41 +0,0 @@
-# Certificate Generator Dockerfile
-
-This Dockerfile allows you to generate client-server certificates using CFSSL and export them to a local volume.
-
-## Prerequisites
-
-- Docker should be installed on your machine.
-
-## Usage
-
-1. Clone the repository and navigate to the project directory.
-
-2. Place your configuration files (`ca-csr.json`, `ca-config.json`, `peer.json`, `server.json`, `client.json`) in the project directory.
-
-3. Build the Docker image:
-
-```shell
-docker build -t certificate-generator .
-```
-
-4. Run a container from the image, mapping the `/certs_volume` directory to a local volume on your host machine:
-
-```shell
-docker run -v "$(pwd):/certs_volume" certificate-generator
-```
-
-5. After running the container, the generated certificates will be available in the specified local volume.
-
-6. At the end verify the generated pem files
-
-```shell
-openssl x509 -in ca.pem -text -noout
-openssl x509 -in server.pem -text -noout
-openssl x509 -in client.pem -text -noout
-```
-
-7. Extract public key from a certificate
-
-```shell
-openssl x509 -in certificate.pem -pubkey -noout > public.pem
-```
diff --git a/script/certs-docker/server.json b/script/certs-docker/server.json
deleted file mode 100644
index d90e9ea..0000000
--- a/script/certs-docker/server.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "CN": "server",
- "key": {
- "algo": "rsa",
- "size": 2048
- },
- "hosts": [
- "localhost",
- "192.168.0.1"
- ]
-}
\ No newline at end of file