mirror of
https://github.com/pockethost/pockethost.git
synced 2025-03-30 15:08:30 +00:00
chore(root): remove unneeded ssl and CA creation
This commit is contained in:
Ben Allfree
parent
cce4590ede
commit
f03ce2f690
6
ssl/.gitignore
vendored
6
ssl/.gitignore
vendored
@ -1,6 +0,0 @@
|
||||
*.pem
|
||||
*.crt
|
||||
*.key
|
||||
*.srl
|
||||
!pockethost.test.crt
|
||||
!pockethost.test.key
|
||||
@ -1,32 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Generates your own Certificate Authority for development.
|
||||
# This script should be executed just once.
|
||||
|
||||
set -e
|
||||
|
||||
if [ -f "ca.crt" ] || [ -f "ca.key" ]; then
|
||||
echo -e "\e[41mCertificate Authority files already exist!\e[49m"
|
||||
echo
|
||||
echo -e "You only need a single CA even if you need to create multiple certificates."
|
||||
echo -e "This way, you only ever have to import the certificate in your browser once."
|
||||
echo
|
||||
echo -e "If you want to restart from scratch, delete the \e[93mca.crt\e[39m and \e[93mca.key\e[39m files."
|
||||
exit
|
||||
fi
|
||||
|
||||
# Generate private key
|
||||
openssl genrsa -out ca.key 2048
|
||||
|
||||
# Generate root certificate
|
||||
openssl req -x509 -new -nodes -subj "/C=US/O=_Development CA/CN=Development certificates" -key ca.key -sha256 -days 3650 -out ca.crt
|
||||
|
||||
echo -e "\e[42mSuccess!\e[49m"
|
||||
echo
|
||||
echo "The following files have been written:"
|
||||
echo -e " - \e[93mca.crt\e[39m is the public certificate that should be imported in your browser"
|
||||
echo -e " - \e[93mca.key\e[39m is the private key that will be used by \e[93mcreate-certificate.sh\e[39m"
|
||||
echo
|
||||
echo "Next steps:"
|
||||
echo -e " - Import \e[93mca.crt\e[39m in your browser"
|
||||
echo -e " - run \e[93mcreate-certificate.sh example.com\e[39m"
|
||||
@ -1,60 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Generates a wildcard certificate for a given domain name.
|
||||
|
||||
set -e
|
||||
|
||||
if [ -z "$1" ]; then
|
||||
echo -e "\e[43mMissing domain name!\e[49m"
|
||||
echo
|
||||
echo "Usage: $0 example.com"
|
||||
echo
|
||||
echo "This will generate a wildcard certificate for the given domain name and its subdomains."
|
||||
exit
|
||||
fi
|
||||
|
||||
DOMAIN=$1
|
||||
|
||||
if [ ! -f "ca.key" ]; then
|
||||
echo -e "\e[41mCertificate Authority private key does not exist!\e[49m"
|
||||
echo
|
||||
echo -e "Please run \e[93mcreate-ca.sh\e[39m first."
|
||||
exit
|
||||
fi
|
||||
|
||||
# Generate a private key
|
||||
openssl genrsa -out "$DOMAIN.key" 2048
|
||||
|
||||
# Create a certificate signing request
|
||||
openssl req -new -subj "/C=US/O=Local Development/CN=$DOMAIN" -key "$DOMAIN.key" -out "$DOMAIN.csr"
|
||||
|
||||
# Create a config file for the extensions
|
||||
>"$DOMAIN.ext" cat <<-EOF
|
||||
authorityKeyIdentifier=keyid,issuer
|
||||
basicConstraints=CA:FALSE
|
||||
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
|
||||
extendedKeyUsage = serverAuth, clientAuth
|
||||
subjectAltName = @alt_names
|
||||
[alt_names]
|
||||
DNS.1 = $DOMAIN
|
||||
DNS.2 = *.$DOMAIN
|
||||
EOF
|
||||
|
||||
# Create the signed certificate
|
||||
openssl x509 -req \
|
||||
-in "$DOMAIN.csr" \
|
||||
-extfile "$DOMAIN.ext" \
|
||||
-CA ca.crt \
|
||||
-CAkey ca.key \
|
||||
-CAcreateserial \
|
||||
-out "$DOMAIN.crt" \
|
||||
-days 3650 \
|
||||
-sha256
|
||||
|
||||
rm "$DOMAIN.csr"
|
||||
rm "$DOMAIN.ext"
|
||||
|
||||
echo -e "\e[42mSuccess!\e[49m"
|
||||
echo
|
||||
echo -e "You can now use \e[93m$DOMAIN.key\e[39m and \e[93m$DOMAIN.crt\e[39m in your web server."
|
||||
echo -e "Don't forget that \e[1myou must have imported \e[93mca.crt\e[39m in your browser\e[0m to make it accept the certificate."
|
||||
@ -1,23 +0,0 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIID4DCCAsigAwIBAgIJAKtmu/x14oRjMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNV
|
||||
BAYTAlVTMRgwFgYDVQQKDA9fRGV2ZWxvcG1lbnQgQ0ExITAfBgNVBAMMGERldmVs
|
||||
b3BtZW50IGNlcnRpZmljYXRlczAeFw0yMjEyMjQxMjAwMTVaFw0yMzEyMjQxMjAw
|
||||
MTVaMEMxCzAJBgNVBAYTAlVTMRowGAYDVQQKDBFMb2NhbCBEZXZlbG9wbWVudDEY
|
||||
MBYGA1UEAwwPcG9ja2V0aG9zdC50ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAyyqvdGBaEGBXKggwOxttpMQdo1GriCp1vgXXut/YRIBKitIHoQnD
|
||||
hpcb+cr4eL3UZf/t7Sz9PAl3pzw5gnzqZQSU2F7fQcdwMvAHE4qCqM1//Yz9kTkI
|
||||
LcqtG7aCru7zQ/e/UrArc0+oXddZMbVhUCL4TzT78PKm7jOVgFaAXzCbpq7LQpAM
|
||||
3H/4XcropdSfI6yG2JBvKN+BqB2JhNQfftzKnu1nuwph0V0Cpy61owFq2HGgcErT
|
||||
clMyLr5aHGFiRZK/6VAznqsIuGZWOR7mt9QMR29AQoeJVTZlUwC5BJCSYZdYPTi/
|
||||
NhexVypoAHzEJUkFfjJDJ++/inGAyR4lVwIDAQABo4HPMIHMMGQGA1UdIwRdMFuh
|
||||
TqRMMEoxCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9fRGV2ZWxvcG1lbnQgQ0ExITAf
|
||||
BgNVBAMMGERldmVsb3BtZW50IGNlcnRpZmljYXRlc4IJAPNAy38mSTvzMAkGA1Ud
|
||||
EwQCMAAwCwYDVR0PBAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
|
||||
AjAtBgNVHREEJjAkgg9wb2NrZXRob3N0LnRlc3SCESoucG9ja2V0aG9zdC50ZXN0
|
||||
MA0GCSqGSIb3DQEBCwUAA4IBAQDDyhysVi+ZUMBGv1usILV5hcnDsan0ZhfA5e4F
|
||||
v6L8OLWceVwjXu/jc3JZG2YzzZ5FUtbG7d8f3Jf/R06rcZgdf3UJtaCMhaX1gKzB
|
||||
G22vtPk7wVh3Pdw2JaN4IK66az5t3Ag4W2J91CB9Y07kWdYNXqo3I/HgN5cfHHW4
|
||||
BcTD4I1la4rfBbID8sAhrfTYrUvAjwe0IIyFjT2GYiadXsPhYJHD6NL+2pEzQjzi
|
||||
ihQSib0w3S4QAvy8zKPxeGSUZHRhpcfoHKOk4zXF5oyKGrQqkSZmHIicymcbIuLH
|
||||
X990BTfFLnUrlzPDe7DRrJ7QSLfCkVlw0/fVD1tE4QbRqnm6
|
||||
-----END CERTIFICATE-----
|
||||
@ -1,27 +0,0 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAyyqvdGBaEGBXKggwOxttpMQdo1GriCp1vgXXut/YRIBKitIH
|
||||
oQnDhpcb+cr4eL3UZf/t7Sz9PAl3pzw5gnzqZQSU2F7fQcdwMvAHE4qCqM1//Yz9
|
||||
kTkILcqtG7aCru7zQ/e/UrArc0+oXddZMbVhUCL4TzT78PKm7jOVgFaAXzCbpq7L
|
||||
QpAM3H/4XcropdSfI6yG2JBvKN+BqB2JhNQfftzKnu1nuwph0V0Cpy61owFq2HGg
|
||||
cErTclMyLr5aHGFiRZK/6VAznqsIuGZWOR7mt9QMR29AQoeJVTZlUwC5BJCSYZdY
|
||||
PTi/NhexVypoAHzEJUkFfjJDJ++/inGAyR4lVwIDAQABAoIBAQCogvEgX8KUDrR9
|
||||
YmlOvUNGBHxouBbETCN4xzPWBlBFEPvDBM3bHlQU0EUd/OH2k80WBR79N/Ga2Gds
|
||||
SKGSv7VSsGgcxyP6VUeUmE3mQV56UGi2jzjKOTm1cYP/lnPyULNpTpZcKU8Ax7No
|
||||
knOirUTXyQmX+OR3R2x56kM4PYcga561x89zF0212eR8fshP8RTYiKwKy8txjNqf
|
||||
T9Qb7TeBaOgqcJCswY/Wsk8EKYQcXsh6urlCRQ1iWEe7lnGt2z64oGQ2/9lNrEt6
|
||||
NPWUq+pFuIv3bXG2Tn64ilGCDvoRzVqQoSj83aIjHD3AiYeL9JYl05rIZGdS6Kc5
|
||||
dD0ztyNRAoGBAPtCWnegpU9KSN2B8gp0TeMr/tkZZqzTqo22NdNZ88SA7LSZWlYn
|
||||
QuL7+ldt9AoGIGw5Wl3Y1NsHZmD0uI9tTH4RtJ/kRWFFshMhD/rfHq7awwWSIgul
|
||||
CXQ+8cZYdgpohDwHP9gtD1wjuN08rKvW41AAB0LdOUV/065FrRfic5W9AoGBAM8A
|
||||
CHXA37AuZ1HCsTz+Hrwl9NiiVQxBq5z1mGMe+VGNFh9BaQHl09AP5VJX4rk5Tlh7
|
||||
Ohd+r/I5CLTp5OAq1X+i2zq+jy+bkSWPWRIN6o81PmFd1tTErLriqmmNWDRw5JPs
|
||||
2zCJv8RA/iz8vWNyb6ucv3kpCzo5bTijwr+51uajAoGAEqTez6ek/Jg3hfBBhJMS
|
||||
wHugQn3HB6YBLtjJb7BqDTe/2LrUYDYzmWI3NkubYy8HMuCimvoe+U24RBOEqmfi
|
||||
2Cv6Ki8nEsu4JgE7DVOHFFR5Si2IxzJs3CpbiGtB/w24WjfzfdgCHsUrz4bUDUA5
|
||||
x9LotwZxXH3auEDFUlNkXkUCgYEAr6LQitE/Oyb0ZYwzhJP+EhiGmrWKQh8KdOBy
|
||||
D1B9rTNv3M9MQN74DOcf5fFKH20/S5YrITpOIdFA0PhQSeAuTOEq8Lo1leiCjIMH
|
||||
yWjjZ+V+a3EK0neaM+wVOgBDIiPT3quvA40tmGCpChTcwR+dHtieIjiwHRQS12cj
|
||||
3Dfb3s8CgYADwXAPhlcqyRMhFcBMxYFdg6HzXv2U4xjHgT3q94JaIcm1otsFNQX0
|
||||
F3Daixoeu+ko3LK5LIVkm5MgO4KvIu2+Zh9grQCHMCQBL+HDCe/UQASMEnSk6iAM
|
||||
hv9qV9MqVwcG3lznfQEHcbpfdEEVfuWFiyxE8i5krNyQ5SLLnj0qGg==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
Loading…
x
Reference in New Issue
Block a user