Skip to content

Commit

Permalink
Update ssl README; more explanation of files.
Browse files Browse the repository at this point in the history
  • Loading branch information
@joekottke
joekottke committed May 30, 2018
1 parent 4a7b32e commit fa4dae4
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions ssl/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,16 @@ While it is not required for basic testing, it is otherwise assumed that files i
cfssl gencert -initca ca-csr.json | cfssljson -bare ca
```

This will generate the files `ca.pem` and `ca-key.pem`. These files will be used to generate the client and server certificates, and the `ca.pem` file will be used to verify the client and server to each other, respectively.

## Generate client certificate

```sh
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json client-csr.json | cfssljson -bare client
```

This will generate the files `client.pem` and `client-key.pem`.

**_Note:_** You will get a warning from this command:

```
Expand All @@ -36,3 +40,5 @@ As this certificate is to be used for a client, and not a server, it is acceptab
```sh
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -hostname=<your server hostname> server-csr.json | cfssljson -bare server
```

This will generate the files `server.pem` and `server-key.pem`.

0 comments on commit fa4dae4

Please sign in to comment.