This repository has been archived by the owner on Jun 16, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add: docker-compose.yml for create a Solace docker instance with tls …
…enabled
- Loading branch information
Showing
7 changed files
with
342 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,152 @@ | ||
# Solace PS+ with TLS | ||
|
||
## Reference | ||
|
||
[Secrets Configuration](https://docs.solace.com/Configuring-and-Managing/SW-Broker-Specific-Config/Docker-Tasks/Config-Secrets.htm) | ||
|
||
## Setup a PS+ broker with TLS enable | ||
|
||
### Create a self signed certificate | ||
|
||
```bash | ||
# Generate a Private Key | ||
$ openssl genrsa -out localhost.key 2048 | ||
Generating RSA private key, 2048 bit long modulus | ||
......................+++ | ||
.....................................................................+++ | ||
e is 65537 (0x10001) | ||
|
||
# Generate a CSR (Certificate Signing Request) with subjectAltName | ||
$ openssl req -new -sha256 \ | ||
-out localhost.csr \ | ||
-key localhost.key \ | ||
-config openssl.cnf \ | ||
-subj "/C=CN/ST=GuangDong/L=ShenZhen/O=Acme, Inc./CN=localhost/" | ||
|
||
# Generating a Self-Signed Certificate | ||
$ openssl x509 -req \ | ||
-sha256 \ | ||
-days 365 \ | ||
-in localhost.csr \ | ||
-signkey localhost.key \ | ||
-out localhost.crt \ | ||
-extensions req_ext \ | ||
-extfile openssl.cnf | ||
|
||
Signature ok | ||
subject=/C=CN/ST=GuangDong/L=ShenZhen/O=Acme, Inc./CN=localhost | ||
Getting Private key | ||
|
||
# Generate a PEM file for Solace PS+ broker | ||
$ cat localhost.crt localhost.key > localhost.pem | ||
|
||
# Check the CSR and Certificate, you should see "Subject Alternative Name" | ||
$ openssl req -text -noout -in localhost.csr | ||
$ openssl x509 -text -noout -in localhost.crt | ||
``` | ||
|
||
### Create a PS+ docker instance with TLS enabled | ||
|
||
Update the "volumes" section of `./docker-compose.yml` with the full path of the folder contains above certificate. | ||
|
||
## Start the PS+ broker | ||
|
||
```bash | ||
docker-compose up -d | ||
Creating network "tls_default" with the default driver | ||
Creating tlsbroker ... done | ||
``` | ||
|
||
## Verify the TLS service is enable | ||
|
||
You will find that ports like `1943` (Access to PubSub+ Manager over HTTPS, SEMP over TLS), 55443 (SMF TLS / SSL) all open now. | ||
|
||
```bash | ||
docker exec -it tlsbroker /usr/sw/loads/currentload/bin/cli -A | ||
|
||
Solace PubSub+ Standard Version 9.5.0.25 | ||
|
||
The Solace PubSub+ Standard is proprietary software of | ||
Solace Corporation. By accessing the Solace PubSub+ Standard | ||
you are agreeing to the license terms and conditions located at | ||
http://www.solace.com/license-software | ||
|
||
Copyright 2004-2020 Solace Corporation. All rights reserved. | ||
|
||
To purchase product support, please contact Solace at: | ||
https://solace.com/contact-us/ | ||
|
||
Operating Mode: Message Routing Node | ||
|
||
3dd5cd886d54> show service | ||
|
||
Msg-Backbone: Enabled | ||
VRF: management | ||
SMF: Enabled | ||
Web-Transport: Enabled | ||
REST Incoming: Enabled | ||
REST Outgoing: Enabled | ||
MQTT: Enabled | ||
AMQP: Enabled | ||
Health-check: Enabled | ||
Mate-link: Enabled | ||
Redundancy: Enabled | ||
|
||
Max Incoming Connections: 100 | ||
Service SMF: 100 | ||
Service Web-Transport: 100 | ||
Service REST: 100 | ||
Service MQTT: 100 | ||
Service AMQP: 100 | ||
Max Outgoing Connections: | ||
Service REST: 100 | ||
Max SSL Connections: 100 | ||
|
||
Event Threshold Set Value Clear Value | ||
---------------------------------- ---------------- ---------------- | ||
Incoming Connections 80%(80) 60%(60) | ||
Service SMF 80%(80) 60%(60) | ||
Outgoing Connections | ||
Service REST 80%(80) 60%(60) | ||
SSL Connections 80%(80) 60%(60) | ||
|
||
|
||
Flags Legend: | ||
TP - Transport | ||
T+U - TCP and UDP | ||
S - SSL (Y=Yes, N=No, -=not-applicable) | ||
C - Compressed (Y=Yes, N=No, -=not-applicable) | ||
R - Routing Ctrl (Y=Yes, N=No, -=not-applicable) | ||
VRF - VRF (Mgmt=management, MsgBB=msg-backbone) | ||
A - Admin State (U=Up, D=Down, -=not-applicable) | ||
O - Oper State (U=Up, D=Down, -=not-applicable) | ||
|
||
Status | ||
Service TP S C R VRF MsgVpn Port A O Failed Reason | ||
---------- --- ----- ----- --------------- ----- --- -------------------------- | ||
SEMP TCP N - - Mgmt 8080 U U | ||
SEMP TCP Y - - Mgmt 1943 U U | ||
SMF TCP N N N Mgmt 55555 U U | ||
---Press any key to continue, or `q' to quit--- | ||
SMF TCP N Y N Mgmt 55003 U U | ||
SMF TCP N N Y Mgmt 55556 U D | ||
SMF TCP Y N N Mgmt 55443 U U | ||
SMF WEB N - - Mgmt 8008 U U | ||
SMF WEB Y - - Mgmt 1443 U U | ||
MQTT TCP N - - Mgmt default 1883 U U | ||
MQTT TCP Y - - Mgmt default 8883 U U | ||
MQTT WEB N - - Mgmt default 8000 U U | ||
MQTT WEB Y - - Mgmt default 8443 U U | ||
AMQP TCP N - - MsgBB default 5672 U U | ||
AMQP TCP Y - - MsgBB default 5671 U U | ||
REST WEB N - - Mgmt default 9000 U U | ||
REST WEB Y - - Mgmt default 9443 U U | ||
MATELINK TCP N N N Mgmt 8741 U D Missing Mate Address | ||
HEALTHCHK TCP N N N Mgmt 5550 U U | ||
REDUNDANCY TCP Y N N Mgmt 8300 U D | ||
REDUNDANCY T+U Y N N Mgmt 8301 U D | ||
REDUNDANCY T+U Y N N Mgmt 8302 U D | ||
3dd5cd886d54> | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
# docker-compose --compatibility up -d | ||
# docker exec -it tlsbroker /usr/sw/loads/currentload/bin/cli -A | ||
version: '3.9' | ||
|
||
services: | ||
tlsbroker: | ||
container_name: tlsbroker | ||
image: solace/solace-pubsub-standard:latest | ||
shm_size: 2g | ||
ulimits: | ||
nofile: | ||
soft: 2448 | ||
hard: 38048 | ||
ports: | ||
#Port Mappings: Ports are mapped straight through from host to | ||
#container. This may result in port collisions on commonly used | ||
#ports that will cause failure of the container to start. | ||
# Solace CLI SSH/SFTP | ||
- 2222:2222 | ||
#Web transport | ||
#- '80:80' | ||
#Web transport over TLS | ||
#- '443:443' | ||
#MQTT Default VPN | ||
- '1883:1883' | ||
#AMQP Default VPN over TLS | ||
#- '5671:5671' | ||
#AMQP Default VPN | ||
#- '5672:5672' | ||
#MQTT Default VPN over WebSockets | ||
#- '8000:8000' | ||
#MQTT Default VPN over WebSockets / TLS | ||
#- '8443:8443' | ||
#MQTT Default VPN over TLS | ||
- '8883:8883' | ||
#SEMP / PubSub+ Manager | ||
- '8080:8080' | ||
#SEMP / PubSub+ Manager over TLS | ||
- '1943:1943' | ||
#REST Default VPN | ||
- '9000:9000' | ||
#REST Default VPN over TLS | ||
- '9443:9443' | ||
#SMF | ||
- '44444:55555' | ||
#SMF Compressed | ||
- '55003:55003' | ||
#SMF over TLS | ||
- '55443:55443' | ||
volumes: | ||
- "./:/run/secrets" | ||
environment: | ||
- username_admin_globalaccesslevel=admin | ||
- username_admin_password=admin | ||
- system_scaling_maxconnectioncount=1000 | ||
- tls_servercertificate_filepath=/run/secrets/localhost.pem |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
-----BEGIN CERTIFICATE----- | ||
MIIDVTCCAj2gAwIBAgIJAJawWnFv0vT9MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV | ||
BAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcMCFNoZW5aaGVuMRMw | ||
EQYDVQQKDApBY21lLCBJbmMuMRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMjAwNjE2 | ||
MDgzOTA3WhcNMjEwNjE2MDgzOTA3WjBdMQswCQYDVQQGEwJDTjESMBAGA1UECAwJ | ||
R3VhbmdEb25nMREwDwYDVQQHDAhTaGVuWmhlbjETMBEGA1UECgwKQWNtZSwgSW5j | ||
LjESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB | ||
CgKCAQEAzDBLQKokCWnLrp4r/CzSWQ3asG70d2eo9mNMCUfZkpBPXsWK9czsRNSK | ||
6CYu6AiHhdPxo+Kgla1UH31FLwLQvTQhpc5LKtynf+vYtQxRa4Y3Sq+h9o8VaIho | ||
0WBellk4t22ge1awEAAE8JVmsBa+RmF/EmYaeg/n6F6lul5w/TRszWUA4FVq8Qji | ||
rjMDWvTy/n57M9a9btjYUa/cVLYf1q3g9RX6JCeEsdsUWJZ9V5Em3Twb1W/rLEb6 | ||
/Qsl8MutVkYY4llq/ppWST++ksTnHp+XM5lD/76UC9Q3361zgV+IoTVNAGTtfMg6 | ||
OgN+utNpXlQYx7ICqFc1pa9+hfBYiwIDAQABoxgwFjAUBgNVHREEDTALgglsb2Nh | ||
bGhvc3QwDQYJKoZIhvcNAQELBQADggEBAFbut9NmYgy+HWXrBffXTz0PC999e7FC | ||
pXvjdBNAMSyL6hvZypo7L9J8MtomoAYUqyT+0vNA+beCfpRyYIF3jw3EnuHVp9/h | ||
4D+lpvQpkSabCTHqs1BBPtTzVis6IbK8QX9KuFM6v7q5HGuRSssvIS0QJPZ4mq/A | ||
M1hoTz/mwLwmq/l2pvcYX0mV7M2T6Wq0sOjWDgNBtuX79+F+wZ6JlodGccJYKt/3 | ||
bPZOr8nfl+Mm2qHGk59Bo3Jr3iEveJTfMDWUJ9civg0PbiWDeuI3MingVNkMqC1w | ||
dqjA8zbP0ZIUCZAgjHgp/y9DfbLOQ5/jOTZUHGwjZ62rILgPCYPNylo= | ||
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
-----BEGIN CERTIFICATE REQUEST----- | ||
MIICyTCCAbECAQAwXTELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nRG9uZzER | ||
MA8GA1UEBwwIU2hlblpoZW4xEzARBgNVBAoMCkFjbWUsIEluYy4xEjAQBgNVBAMM | ||
CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwwS0Cq | ||
JAlpy66eK/ws0lkN2rBu9HdnqPZjTAlH2ZKQT17FivXM7ETUiugmLugIh4XT8aPi | ||
oJWtVB99RS8C0L00IaXOSyrcp3/r2LUMUWuGN0qvofaPFWiIaNFgXpZZOLdtoHtW | ||
sBAABPCVZrAWvkZhfxJmGnoP5+hepbpecP00bM1lAOBVavEI4q4zA1r08v5+ezPW | ||
vW7Y2FGv3FS2H9at4PUV+iQnhLHbFFiWfVeRJt08G9Vv6yxG+v0LJfDLrVZGGOJZ | ||
av6aVkk/vpLE5x6flzOZQ/++lAvUN9+tc4FfiKE1TQBk7XzIOjoDfrrTaV5UGMey | ||
AqhXNaWvfoXwWIsCAwEAAaAnMCUGCSqGSIb3DQEJDjEYMBYwFAYDVR0RBA0wC4IJ | ||
bG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IBAQBKecNl6n3JqlubC4fRK6RQiZGn | ||
yHYl5BCXDfFobOyIbTZsC1NymA71gwE2lXZpbTdGA2V9tIY/wVSYrRRSa1rVhwu8 | ||
wtfg70UucUvbSI679LPVmbN7W+bICPVf3KKYy3xbCXAhmllUSwWSNWvQNF3ya1XP | ||
/FLM7JTv5UiYAZJpvd9vCzEB0R4pKfBHGt3+qfZ8iitFQB3JtsJRo+gBbWfALtNd | ||
Fc3e6+zpn8hCYE2HlU3RrmsGNaZxZEkuHMu3YW7uZ+sh7m8eytnzZq2LaLXmUubx | ||
E831wg5z987o/gWpUBoyzKsJ+vZpG5/oVu+jnxWXsknu+hGM+WLYUufAzKlh | ||
-----END CERTIFICATE REQUEST----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
-----BEGIN RSA PRIVATE KEY----- | ||
MIIEowIBAAKCAQEAzDBLQKokCWnLrp4r/CzSWQ3asG70d2eo9mNMCUfZkpBPXsWK | ||
9czsRNSK6CYu6AiHhdPxo+Kgla1UH31FLwLQvTQhpc5LKtynf+vYtQxRa4Y3Sq+h | ||
9o8VaIho0WBellk4t22ge1awEAAE8JVmsBa+RmF/EmYaeg/n6F6lul5w/TRszWUA | ||
4FVq8QjirjMDWvTy/n57M9a9btjYUa/cVLYf1q3g9RX6JCeEsdsUWJZ9V5Em3Twb | ||
1W/rLEb6/Qsl8MutVkYY4llq/ppWST++ksTnHp+XM5lD/76UC9Q3361zgV+IoTVN | ||
AGTtfMg6OgN+utNpXlQYx7ICqFc1pa9+hfBYiwIDAQABAoIBAEWXMA6Z7i5HIGQj | ||
BFqt7ALt9dqr9iW77poKvZ9sHXsWM/bY3MNpVB0hUzZLzTDHt2ilE3YHhzN8H2+c | ||
AjhDfWD+o3kfFf9FtNCkUPdje1xqIe4SbeDaYzF9TDwP3Czhu7LIaimfIeJSH1zf | ||
jl/1YGQcVnKu2ddAFInduB4MkfW5jIFP6zHGNThHwJcxlxmd5EE1tGm5GE8Me1YS | ||
bkAkT8DUBqYPHDVRTfwzROvgncGfpctoLvsnc/ZVA+YWNF4c4zDxfZtZ06/Nvu4a | ||
3KOHXVIINrvFiVlxkPwtGkMvYRufzlJtZE1IW93Zjz00ZQo+FD0pkc5Aalf2ojeb | ||
YpGmVAECgYEA5upV1D8ReSKWFlil5s5pF/E2ElLHTVOaBrs5TZ+MIhU0POLaJJ7W | ||
c84+ZQlxJP853PqOhTw8ozIFAMh8LDITHMmA4lNwxKXAIoHmLoe2GTLYD9N/mir5 | ||
HaYejSEDAG7uX61hoeYzXiwuPHA759gH31zEYoXcHQqBhc3Pbpq7i/MCgYEA4l6y | ||
+UOKpkVQZ3yWHeM6dXgUcsnMqfYlwoVvLDPZ2tq9ChlR0FXZdrG3z/X1jjvDZf/b | ||
3Vhknuzzjm7w9vHesWZj2rhzevVxgZRw6Y02Z6uIWGJX9EupGi63nEEfZb4ThYjI | ||
Ccm6Qdtb28kBJTSMG0xn7hlIaV8bcDrtsvqCHwkCgYAiWn6GYxOgZ+rYTDvySIcO | ||
Ds6yjyojcOqbUcNGrxPUBj+NR1qY1CCnfel+cpcon+fl3kjRvZJv3QMtiKYglRqO | ||
z9Oi2DMQrnAVMioihgIrYYsPX7G+J+KD7LDi4iRmLhq8lTjPM0Y1HnGKgFAJP/R7 | ||
4Hs/BRcoIuX+GA5iMBbyzQKBgQDJeRF/qq6HR9/FC2ysUyYfkO1aMONYTfzTgWEu | ||
DUQTdmWTzG81poLzEj+P9tBDdEt3x94OxfJgRHKNTY5nq2PRrlinPU2CnVsVwmEw | ||
bP+EC3ZBe93eT0zFQdknWAqyyhaj3dZ0Z7e/j5XVKrQ7QeaFEV7a2mPJbN2F6NzQ | ||
VAdlyQKBgDE4+VS0F+HmdfkQljNaGQacN0pd+IdcHeiSyhwkly6e6BQjOL167qy8 | ||
x02y3iBSo2LgHhr3xfJ2Ang8meUui41O/D+UOrGWsni8T95Vg9EpXNmR3pV29gC4 | ||
dfyyi0TubTv+Z1s3PkAZ5OqUkYv+hqY5ebWmuS/3LQdWaADvn9cv | ||
-----END RSA PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
-----BEGIN CERTIFICATE----- | ||
MIIDVTCCAj2gAwIBAgIJAJawWnFv0vT9MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV | ||
BAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcMCFNoZW5aaGVuMRMw | ||
EQYDVQQKDApBY21lLCBJbmMuMRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMjAwNjE2 | ||
MDgzOTA3WhcNMjEwNjE2MDgzOTA3WjBdMQswCQYDVQQGEwJDTjESMBAGA1UECAwJ | ||
R3VhbmdEb25nMREwDwYDVQQHDAhTaGVuWmhlbjETMBEGA1UECgwKQWNtZSwgSW5j | ||
LjESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB | ||
CgKCAQEAzDBLQKokCWnLrp4r/CzSWQ3asG70d2eo9mNMCUfZkpBPXsWK9czsRNSK | ||
6CYu6AiHhdPxo+Kgla1UH31FLwLQvTQhpc5LKtynf+vYtQxRa4Y3Sq+h9o8VaIho | ||
0WBellk4t22ge1awEAAE8JVmsBa+RmF/EmYaeg/n6F6lul5w/TRszWUA4FVq8Qji | ||
rjMDWvTy/n57M9a9btjYUa/cVLYf1q3g9RX6JCeEsdsUWJZ9V5Em3Twb1W/rLEb6 | ||
/Qsl8MutVkYY4llq/ppWST++ksTnHp+XM5lD/76UC9Q3361zgV+IoTVNAGTtfMg6 | ||
OgN+utNpXlQYx7ICqFc1pa9+hfBYiwIDAQABoxgwFjAUBgNVHREEDTALgglsb2Nh | ||
bGhvc3QwDQYJKoZIhvcNAQELBQADggEBAFbut9NmYgy+HWXrBffXTz0PC999e7FC | ||
pXvjdBNAMSyL6hvZypo7L9J8MtomoAYUqyT+0vNA+beCfpRyYIF3jw3EnuHVp9/h | ||
4D+lpvQpkSabCTHqs1BBPtTzVis6IbK8QX9KuFM6v7q5HGuRSssvIS0QJPZ4mq/A | ||
M1hoTz/mwLwmq/l2pvcYX0mV7M2T6Wq0sOjWDgNBtuX79+F+wZ6JlodGccJYKt/3 | ||
bPZOr8nfl+Mm2qHGk59Bo3Jr3iEveJTfMDWUJ9civg0PbiWDeuI3MingVNkMqC1w | ||
dqjA8zbP0ZIUCZAgjHgp/y9DfbLOQ5/jOTZUHGwjZ62rILgPCYPNylo= | ||
-----END CERTIFICATE----- | ||
-----BEGIN RSA PRIVATE KEY----- | ||
MIIEowIBAAKCAQEAzDBLQKokCWnLrp4r/CzSWQ3asG70d2eo9mNMCUfZkpBPXsWK | ||
9czsRNSK6CYu6AiHhdPxo+Kgla1UH31FLwLQvTQhpc5LKtynf+vYtQxRa4Y3Sq+h | ||
9o8VaIho0WBellk4t22ge1awEAAE8JVmsBa+RmF/EmYaeg/n6F6lul5w/TRszWUA | ||
4FVq8QjirjMDWvTy/n57M9a9btjYUa/cVLYf1q3g9RX6JCeEsdsUWJZ9V5Em3Twb | ||
1W/rLEb6/Qsl8MutVkYY4llq/ppWST++ksTnHp+XM5lD/76UC9Q3361zgV+IoTVN | ||
AGTtfMg6OgN+utNpXlQYx7ICqFc1pa9+hfBYiwIDAQABAoIBAEWXMA6Z7i5HIGQj | ||
BFqt7ALt9dqr9iW77poKvZ9sHXsWM/bY3MNpVB0hUzZLzTDHt2ilE3YHhzN8H2+c | ||
AjhDfWD+o3kfFf9FtNCkUPdje1xqIe4SbeDaYzF9TDwP3Czhu7LIaimfIeJSH1zf | ||
jl/1YGQcVnKu2ddAFInduB4MkfW5jIFP6zHGNThHwJcxlxmd5EE1tGm5GE8Me1YS | ||
bkAkT8DUBqYPHDVRTfwzROvgncGfpctoLvsnc/ZVA+YWNF4c4zDxfZtZ06/Nvu4a | ||
3KOHXVIINrvFiVlxkPwtGkMvYRufzlJtZE1IW93Zjz00ZQo+FD0pkc5Aalf2ojeb | ||
YpGmVAECgYEA5upV1D8ReSKWFlil5s5pF/E2ElLHTVOaBrs5TZ+MIhU0POLaJJ7W | ||
c84+ZQlxJP853PqOhTw8ozIFAMh8LDITHMmA4lNwxKXAIoHmLoe2GTLYD9N/mir5 | ||
HaYejSEDAG7uX61hoeYzXiwuPHA759gH31zEYoXcHQqBhc3Pbpq7i/MCgYEA4l6y | ||
+UOKpkVQZ3yWHeM6dXgUcsnMqfYlwoVvLDPZ2tq9ChlR0FXZdrG3z/X1jjvDZf/b | ||
3Vhknuzzjm7w9vHesWZj2rhzevVxgZRw6Y02Z6uIWGJX9EupGi63nEEfZb4ThYjI | ||
Ccm6Qdtb28kBJTSMG0xn7hlIaV8bcDrtsvqCHwkCgYAiWn6GYxOgZ+rYTDvySIcO | ||
Ds6yjyojcOqbUcNGrxPUBj+NR1qY1CCnfel+cpcon+fl3kjRvZJv3QMtiKYglRqO | ||
z9Oi2DMQrnAVMioihgIrYYsPX7G+J+KD7LDi4iRmLhq8lTjPM0Y1HnGKgFAJP/R7 | ||
4Hs/BRcoIuX+GA5iMBbyzQKBgQDJeRF/qq6HR9/FC2ysUyYfkO1aMONYTfzTgWEu | ||
DUQTdmWTzG81poLzEj+P9tBDdEt3x94OxfJgRHKNTY5nq2PRrlinPU2CnVsVwmEw | ||
bP+EC3ZBe93eT0zFQdknWAqyyhaj3dZ0Z7e/j5XVKrQ7QeaFEV7a2mPJbN2F6NzQ | ||
VAdlyQKBgDE4+VS0F+HmdfkQljNaGQacN0pd+IdcHeiSyhwkly6e6BQjOL167qy8 | ||
x02y3iBSo2LgHhr3xfJ2Ang8meUui41O/D+UOrGWsni8T95Vg9EpXNmR3pV29gC4 | ||
dfyyi0TubTv+Z1s3PkAZ5OqUkYv+hqY5ebWmuS/3LQdWaADvn9cv | ||
-----END RSA PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# https://langui.sh/2009/02/27/creating-a-subjectaltname-sanucc-csr/ | ||
[req] | ||
distinguished_name = req_distinguished_name | ||
req_extensions = req_ext # The extentions to add to the self signed cert | ||
|
||
[req_distinguished_name] | ||
[ req_distinguished_name ] | ||
countryName = Country Name (2 letter code) | ||
countryName_default = CN | ||
stateOrProvinceName = State or Province Name (full name) | ||
stateOrProvinceName_default = GuangDong | ||
localityName = Locality Name (eg, city) | ||
localityName_default = ShenZhen | ||
organizationName = Organization Name (eg, company) | ||
organizationName_default = Solace, Co. | ||
commonName = Common Name (eg, YOUR name) | ||
commonName_max = 64 | ||
commonName_default = localhost | ||
[req_ext] | ||
subjectAltName = @alt_names | ||
|
||
[alt_names] | ||
DNS.1 = localhost |