Add information to generate SSL certificate
Change-Id: I24cb48c2c0da441885c0d688adfc502738c848cf
This commit is contained in:
Guillaume Thouvenin
parent
2b5dc4ccf7
commit
1e03ff5586
69
fixtures/https/Readme.md
Normal file
69
fixtures/https/Readme.md
Normal file
@ -0,0 +1,69 @@
|
||||
# Contents
|
||||
|
||||
- **rootCA.key** is the key used to self-signed rootCA.pem
|
||||
- **rootCA.pem** is the certificate that will act as the **StackLight Root Authority**
|
||||
|
||||
The certificate has the following information:
|
||||
```
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 10160165599701850419 (0x8d0028c8355f5933)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=FR, ST=Rhone-Alpes, L=Grenoble, O=Mirantis, OU=StackLight, CN=StackLight Root Authority/emailAddress=mirantis@example.com
|
||||
Validity
|
||||
Not Before: Jun 23 14:43:30 2016 GMT
|
||||
Not After : Oct 25 14:43:30 3015 GMT
|
||||
Subject: C=FR, ST=Rhone-Alpes, L=Grenoble, O=Mirantis, OU=StackLight, CN=StackLight Root Authority/emailAddress=mirantis@example.com
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (4096 bit)
|
||||
...
|
||||
```
|
||||
|
||||
# Client settings
|
||||
|
||||
To be able to validate the certificate generated by the **StackLight Root
|
||||
Authority** you need to download it into your web browser or pass it to
|
||||
the client by using the correct option.
|
||||
|
||||
# Create a certificate
|
||||
|
||||
Follow these steps to generate a new certificate that can be used to enable
|
||||
HTTPS for the StackLight plugins.
|
||||
|
||||
- Generate the key for the plugin _my-plugin_.
|
||||
```
|
||||
openssl genrsa -out my-plugin.key 2048
|
||||
```
|
||||
|
||||
- Create the certificate signing request.
|
||||
```
|
||||
openssl req -new -key my-plugin.key -out my-plugin.csr
|
||||
```
|
||||
Here is an example on how to fill the fields for the Grafana plugin where
|
||||
the choosen FQDN is _grafana.fuel.local_:
|
||||
```
|
||||
Country Name (2 letter code) [AU]:FR
|
||||
State or Province Name (full name) [Some-State]:Rhone-Alpes
|
||||
Locality Name (eg, city) []:Grenoble
|
||||
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Mirantis
|
||||
Organizational Unit Name (eg, section) []:Fuel plugins
|
||||
Common Name (e.g. server FQDN or YOUR name) []:grafana.fuel.local
|
||||
Email Address []:mirantis@example.com
|
||||
Please enter the following 'extra' attributes
|
||||
to be sent with your certificate request
|
||||
A challenge password []:
|
||||
An optional company name []:
|
||||
```
|
||||
For _challenge password_ and _optional company_ just press enter.
|
||||
|
||||
- Sign it with the CA root key.
|
||||
```
|
||||
openssl x509 -req -in my-plugin.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out my-plugin.crt -days 500 -sha256
|
||||
```
|
||||
|
||||
- Concatenate the certificate and the private key into a single file.
|
||||
```
|
||||
cat my-plugin.crt my-plugin.key > my-plugin.pem
|
||||
```
|
||||
51
fixtures/https/rootCA.key
Normal file
51
fixtures/https/rootCA.key
Normal file
@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKgIBAAKCAgEA41Qj2+urFaScCLasLcbCi1w72E6mAeHqBfdV7Y4Fe5x+7uEx
|
||||
JCXaxYUBmH1e0qi7jKqkKz1kVgNN5p8mR5GyGrPLAoYM/2fw9Z0Vguk2UuLhCNws
|
||||
i9F88hnZWENkD+pgUBrc2HH2ZF5liSGjacSb268pCIQFBTVsx1oYdDKrJOxxUsmT
|
||||
3waJGTfsgGeyZ3G2oywvnrEGgOKwcUeymmmGid0hhsKGYN4BD3TAUZnfr4dkjaNA
|
||||
eGDc98YlYOsW+POdj32o8/5lX1XGQFoUZKaM18npHgXiKYiT93Yjn1v7ks1e4uOG
|
||||
LkDQUJY+rVbFHVy1UUUv3Mzj1Dqc5raXXHgxN/AJU9h/oGB/4lzipKRP0as1AS7W
|
||||
H6x1nEnXjRc6Xp66l7jmtlMkh63xBAEnyBcRabWjiDw4FTqJC5epN/b46n3XRpK6
|
||||
VRrVSGNGHWAN1Eu6hO4bI0STthFc9Mx/Saa5CG4htC2QeyujYkmlInR7q/mfWJyz
|
||||
frQMf5AI1SoLD4+BOKKia/VmOkYLgRDH2Z6fOFAtrXtp62rs+i21xxUHkVbCCsXh
|
||||
KhcG/W8YFTH2jTzwi+JT+WxS4NxNk0kNge4moAeTCpKe5HnsWSiooYtE10Wbp7uk
|
||||
rlrw8dT9ghEhnUzyrAR1gF+1ML5u3WGkUCRe1OUuUm+UpLyEEsrPi7qeh2ECAwEA
|
||||
AQKCAgEAgCsyRI4s2XkDmE4V6YFEsnoAK8a8BhevcEmxIsyN/tGPJ3PD1xOYswB4
|
||||
k9crnS4RABA9mztz1KLsSvi0Bmn4tuFjtjqKHX4m9vPn6vU98aGFKw+n9fTYs08r
|
||||
oX3tbqPARam/ljE6sAAg0x4qGjoFfejWA70bb4JdoFAFtY3TvG+qvPh17KqspZFI
|
||||
QGU2yufsBzekaZ55gjVNMbEw26pfdl88xdPrG7ZPdr1mqRtOaJK3eLvwX26NZw1K
|
||||
ichCHX6M+RfqKBboZMXhjuq60LyucAOg8ZJznuMoOb9b+j9MKcqsktOhFXbpfGYZ
|
||||
VHW1kQZyHC4b/Ctw0HlzeQi9ch8577VnxvIYZ5WognznDwSv60lwXA4b5TNM8Ri/
|
||||
Gtaki3TQkU8/n7rXhBLwEF6Hl2QgHc3gTWftnQAocyk8+QX1MjzdmvtQWqmPZVC/
|
||||
j++gBOZWPZLkcQKH0KsK9cYA4EpasT2uXTuSx/m6sEHuGCJM0csagmsUDFOk2ivC
|
||||
jLk+mIsK3wxuXdMR9Vf/FK3M/YpFWN2AwPE3Y3fqIsTXQHKTwYH2CxwFLMhBd/s6
|
||||
ZQ5Tu04800VypXcvr4C9byOo96eIbhaZXboFEYvbmXk6RgXcafXTeVm9MRDYWCzu
|
||||
DTY2KVxV30UhBEwWCK8SzFlHDoJHPelMXux4+7DMG17q3B9WXIECggEBAP9qAyQX
|
||||
etR5J6mQhDnmiVTdyuomtxsL8AFHkvsmsUrujfaZohQDaKFeE2ojCewUdSL72aae
|
||||
fQgucPpgsqQcV4ptNFZoFMRxMCTqoy7lTEI7bC7bjvhXw7Vav3bLWUYU/7LKx+f1
|
||||
QiQEHcUSk6mKgp799ygXYk8DJwsQKYZTEbIDY5sYW64KTAgA/xTMe0wzoPlqpsK9
|
||||
7TJJA8TX0SX/mwOyuWL3+Lbrsydqf1MA+9CNVwPWiw/nnmrJpqAYKIUPcB8q2tXS
|
||||
Nr6l6LJj8Dafq/Bi7vyeqd+GxRnw9RAO0WlyppfjETaN99uGAfPrdaLd3Jw9o3Qp
|
||||
3u/7pg+gu3z10akCggEBAOPZopWC3UVNPoy7wXjmEzAc5Knr7MPkKYj67MDyT00X
|
||||
HLPCU5h3xh1TW1nCSY2Uug6BFSKcdNYZyaVOKJpcJml1oPAg75wWz4JttTLrHY+Q
|
||||
jnp6ZqzdNwbOpHUuNQ5Tcnf4v1XjQJeIJCF7VXAM3DOC3zFcVVHPLV2nwjaaXigu
|
||||
teYJxxssChuzmD7lxUgFjrNMcE7/2SVa2b9cC+XGBKr/J1vlw8Yhd/JHB/JvpZzU
|
||||
Q/+iq9RzTjDap0zhe9OlnxJo9c615sXIyulyIjEAykQZSW2SJLLGmtN6ALfxXQ94
|
||||
5tJm4xO+Fk57T6gsVerCjTmyLM7Fme47xOEpf8nNCvkCggEAcppAuosGhBuwnjbH
|
||||
/arhaAD0sUeZ1Trv/8L7wlFEL9kGPeYFgXFeGzm5AGCkbRdoz7+tk0N92pPsAYwt
|
||||
29ETvnrthu/Akbwv3ACkI8CjDPzYt9WwOuI2YENNsaHgdr+pU7IFLKExgjOOoASL
|
||||
2QDbRzexFH4ZkFZbyG0CFNFlGTjIEqlFSbw5DUZVLiHqGPD5g7BFDxBlQ7DbThGA
|
||||
OMqN5YTmBfA52um7Qy5X3wiL9LHWn1Q+pW5J+KRubVspozqgFnwGIPbntXeAB7sr
|
||||
53aRkZTyossWccNo4RDrBL+BWw0kjvZFnPLqiceBTM8Tw3ZFLJ3Dn7XB4HBLvKtk
|
||||
NNefsQKCAQEAihqA5FR0n6vJLO4kv43ctX3dz2yTjsx9rGxDElQMYvKOUBqKJtD6
|
||||
QQ4kQYx0np82AtKUp+zjGF57DXoJPD58fdFxYfrkoNxmnGy4tosx2LHK2kvUbhSL
|
||||
ZNHddrUyLWPA7xzThFCA9xfqpmymBYuV8Jbzh2yqvjJwEeM74XLBfWOKl0r35u1T
|
||||
lyTNM9p7MENGEkFTlV6YFH8zmjxFbdkPPUH4bkge2LmyhSQumfC4Fg3GxWyo79WP
|
||||
4Ca33u6Q6mDpwPPjgY5ZuSoSa1rlhIQxFQOqsQIywjWE5Id/Zf6i5Fzos0DvhCjk
|
||||
Rl+RkaKF1QxlI0JuzEmTGoYZuEw6C2v/qQKCAQEArfMnfqBQfix6qDEafC9NdK8G
|
||||
hPhGIcgVAVgbTvy0hFX/vse+lRi9DpGmYT3+s/y1NPKWnypAaiqFqPMnlSv2Sthg
|
||||
6jmi0PQ4KMABExko+JSuFCa3aX5P1x76ptsYx+5hWUVqyEznyPKxvca7VP80OhTN
|
||||
KoQUn4g/zXeJ5Ygme/UPbc+IkWRsyW49WvJXNJASbxEpbWVOE2W5ntQS1c3J3A1C
|
||||
dtlz+7DHKQQfQBA/f3ZaFdQCh6T2YjjpQWL2rIIKc5g6WMrc/G5b3KIWsupCU4+C
|
||||
th4a2TvYwps1rPXFweBXYxmcdnzIZFaeCXnMtiZVafehuMyZvK1mky2j866GfA==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
35
fixtures/https/rootCA.pem
Normal file
35
fixtures/https/rootCA.pem
Normal file
@ -0,0 +1,35 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIGJTCCBA2gAwIBAgIJAI0AKMg1X1kzMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYD
|
||||
VQQGEwJGUjEUMBIGA1UECAwLUmhvbmUtQWxwZXMxETAPBgNVBAcMCEdyZW5vYmxl
|
||||
MREwDwYDVQQKDAhNaXJhbnRpczETMBEGA1UECwwKU3RhY2tMaWdodDEiMCAGA1UE
|
||||
AwwZU3RhY2tMaWdodCBSb290IEF1dGhvcml0eTEjMCEGCSqGSIb3DQEJARYUbWly
|
||||
YW50aXNAZXhhbXBsZS5jb20wIBcNMTYwNjIzMTQ0MzMwWhgPMzAxNTEwMjUxNDQz
|
||||
MzBaMIGnMQswCQYDVQQGEwJGUjEUMBIGA1UECAwLUmhvbmUtQWxwZXMxETAPBgNV
|
||||
BAcMCEdyZW5vYmxlMREwDwYDVQQKDAhNaXJhbnRpczETMBEGA1UECwwKU3RhY2tM
|
||||
aWdodDEiMCAGA1UEAwwZU3RhY2tMaWdodCBSb290IEF1dGhvcml0eTEjMCEGCSqG
|
||||
SIb3DQEJARYUbWlyYW50aXNAZXhhbXBsZS5jb20wggIiMA0GCSqGSIb3DQEBAQUA
|
||||
A4ICDwAwggIKAoICAQDjVCPb66sVpJwItqwtxsKLXDvYTqYB4eoF91XtjgV7nH7u
|
||||
4TEkJdrFhQGYfV7SqLuMqqQrPWRWA03mnyZHkbIas8sChgz/Z/D1nRWC6TZS4uEI
|
||||
3CyL0XzyGdlYQ2QP6mBQGtzYcfZkXmWJIaNpxJvbrykIhAUFNWzHWhh0Mqsk7HFS
|
||||
yZPfBokZN+yAZ7JncbajLC+esQaA4rBxR7KaaYaJ3SGGwoZg3gEPdMBRmd+vh2SN
|
||||
o0B4YNz3xiVg6xb4852Pfajz/mVfVcZAWhRkpozXyekeBeIpiJP3diOfW/uSzV7i
|
||||
44YuQNBQlj6tVsUdXLVRRS/czOPUOpzmtpdceDE38AlT2H+gYH/iXOKkpE/RqzUB
|
||||
LtYfrHWcSdeNFzpenrqXuOa2UySHrfEEASfIFxFptaOIPDgVOokLl6k39vjqfddG
|
||||
krpVGtVIY0YdYA3US7qE7hsjRJO2EVz0zH9JprkIbiG0LZB7K6NiSaUidHur+Z9Y
|
||||
nLN+tAx/kAjVKgsPj4E4oqJr9WY6RguBEMfZnp84UC2te2nrauz6LbXHFQeRVsIK
|
||||
xeEqFwb9bxgVMfaNPPCL4lP5bFLg3E2TSQ2B7iagB5MKkp7keexZKKihi0TXRZun
|
||||
u6SuWvDx1P2CESGdTPKsBHWAX7Uwvm7dYaRQJF7U5S5Sb5SkvIQSys+Lup6HYQID
|
||||
AQABo1AwTjAdBgNVHQ4EFgQUvRoj5PYpT7o0XJeLJxN3qElMwg0wHwYDVR0jBBgw
|
||||
FoAUvRoj5PYpT7o0XJeLJxN3qElMwg0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
|
||||
AQsFAAOCAgEAQNUOrdFB+VkcRe0TEcra9ibxX4H9JCGLVewX29dAwaEymbrQg1e8
|
||||
amxV+XqrMFmUE9VLdECBz0DHrEqSMnGaItdpsTOmA4k8oPK/qWSkvg0qjAuTN+TV
|
||||
u9ajO/Y3HoQ3WWbxEdqB8OrpZnWJe9mOrGMSVdEUlZYdGPprkUwC9NPsPtUHitlr
|
||||
PBq+3/rnh7onWerAJskEPY9bTP2+tR6438KTRr3TX/37s4Kqot+nnC9RBRHBB9kz
|
||||
cf++4ynCkdw1Rc3QayFSyor0tjE6/5mEpnHBOoC3u6tTvz4+XPNnRp+JBLgRu9HY
|
||||
M/CrNNxV0B3Zq56kY63GUOb87gVZVz1NUDrJKXjMqkqIOyPmiW60SyDbnS9Wg++h
|
||||
c/EVcB/IbysuY+0IzaHRTsL+j9NRU9rgurxqpnVW8h8JvpLyFs6p7s3ADm1OTZ/N
|
||||
nIeao94l+QijfI8PwCSxDvMd0v4KkyZXFcxaI/iLSwRHwch0c+nvN8WmZBcyP02p
|
||||
PgHU9WRq1rhMjthyCwxej75bGjD+bxrtjfn0bZ0ASCoE0TXgLou9UjEtkexvhHiK
|
||||
D/ddcS7PjP5eUyasZeaHcn237VYna3TWlY6Lw9RNsH6vveeR5pHeT4pUmD7WbyAB
|
||||
Y6XFKtgXkwiYw511MbVJ1Pa/ob6dBKVPEK1L2Y/Fjw1w3gXW4pxErtk=
|
||||
-----END CERTIFICATE-----
|
||||
Loading…
Reference in New Issue
Block a user