docker/attest-provider
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

merge poc

Browse Source
This commit is contained in:
mrjoelkamp
2024-05-23 10:52:35 -05:00
parent 3d0519f92a
commit f91a423ef6
22 changed files with 1133 additions and 277 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
scripts/generate-tls-cert.sh
View File

@@ -6,19 +6,19 @@ set -o pipefail
REPO_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
cd "${REPO_ROOT}" || exit 1
NAMESPACE=${NAMESPACE:-gatekeeper-system}
NAMESPACE=security
generate() {
# generate CA key and certificate
echo "Generating CA key and certificate for external-data-provider..."
echo "Generating CA key and certificate for attest-provider..."
openssl genrsa -out ca.key 2048
openssl req -new -x509 -days 1 -key ca.key -subj "/O=Gatekeeper/CN=Gatekeeper Root CA" -out ca.crt
# generate server key and certificate
echo "Generating server key and certificate for external-data-provider..."
echo "Generating server key and certificate for attest-provider..."
openssl genrsa -out tls.key 2048
openssl req -newkey rsa:2048 -nodes -keyout tls.key -subj "/CN=external-data-provider.${NAMESPACE}" -out server.csr
openssl x509 -req -extfile <(printf "subjectAltName=DNS:external-data-provider.%s" "${NAMESPACE}") -days 1 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt
openssl req -newkey rsa:2048 -nodes -keyout tls.key -subj "/CN=attest-provider.${NAMESPACE}" -out server.csr
openssl x509 -req -extfile <(printf "subjectAltName=DNS:attest-provider.%s" "${NAMESPACE}") -days 1 -sha256 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt
}
mkdir -p "${REPO_ROOT}/certs"