From 9f67fc4290f8e9890fbd0b216c23bc944b81f641 Mon Sep 17 00:00:00 2001
From: asubedy <frexpe@pm.me>
Date: Thu, 20 Jul 2023 21:59:48 +0545
Subject: [PATCH] added csr sript

Signed-off-by: asubedy <frexpe@pm.me>
---
 .github/workflows/scripts/generate_csr.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 .github/workflows/scripts/generate_csr.sh

diff --git a/.github/workflows/scripts/generate_csr.sh b/.github/workflows/scripts/generate_csr.sh
new file mode 100644
index 0000000..4904516
--- /dev/null
+++ b/.github/workflows/scripts/generate_csr.sh
@@ -0,0 +1,11 @@
+
+# generate CA cerficate
+openssl genrsa -out fortio.com.key 2048
+openssl req -new -x509 -days 365 -key fortio.com.key -subj "/C=CN/ST=GD/L=SZ/O=fortio.com, Inc./CN=fortio.com Root CA" -out fortio.com.crt
+
+# generate CSR
+openssl req -newkey rsa:2048 -nodes -keyout httpbin.fortio.com.key -subj "/C=CN/ST=GD/L=SZ/O=fortio.com, Inc./CN=*.fortio.com" -out httpbin.fortio.com.csr
+openssl x509 -req -extfile <(printf "subjectAltName=IP:10.239.241.168,DNS:fortio.com,DNS:www.fortio.com") -days 365 -in httpbin.fortio.com.csr -CA fortio.com.crt -CAkey fortio.com.key -CAcreateserial -out httpbin.fortio.com.crt
+
+# upload key and crt as a secret
+kubectl create -n istio-system secret tls httpbin-fortio-credential --key=httpbin.fortio.com.key --cert=httpbin.fortio.com.crt
\ No newline at end of file