
@devodla
Forked from kevinadi/mongodb-ssl.sh
Last active September 7, 2020 01:35

Revisions

  1. Reynaldo Layme revised this gist Sep 7, 2020. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion mongodb-ssl.sh
    @@ -21,7 +21,7 @@ openssl req -nodes -newkey rsa:2048 -keyout onlyreynaldo.key -out onlyreynaldo.c
    openssl x509 -req -in onlyreynaldo.csr -CA ca.crt -CAkey ca.key -CAserial ca.srl -out onlyreynaldo.crt

    # Create client PEM file
    cat client.key client.crt > onlyreynaldo.pem
    cat onlyreynaldo.key onlyreynaldo.crt > onlyreynaldo.pem


    # Create clientPFX file (for Java, C#, etc)
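Review bot: `onlyreynaldo.pem` is created by a plain redirect, so it takes the process's default umask even though it holds a private key generated with `-nodes` (no passphrase, per the `openssl req` line in the hunk header); under a common umask of 022 every local user can read that key. Setting `umask 077` once near the top of the script, or following the `cat` with `chmod 600 onlyreynaldo.pem`, keeps the bundle owner-only. `server.pem`, which other revisions on this page show being built the same way, needs the same treatment. The script continues outside this hunk, so an existing umask call elsewhere cannot be ruled out from here.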
  2. Reynaldo Layme revised this gist Sep 6, 2020. 1 changed file with 3 additions and 3 deletions.
    6 changes: 3 additions & 3 deletions mongodb-ssl.sh
    @@ -1,11 +1,11 @@
    #!/bin/sh

    # Generate self signed root CA cert
    openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=root/CN=`hostname -f`/[email protected]"
    openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=BR/ST=SP/L=Sao Paulo/O=Layme Inc/OU=root/CN=`hostname -f`/[email protected]"


    # Generate server cert to be signed
    openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=server/CN=`hostname -f`/[email protected]"
    openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=BR/ST=SP/L=Sao Paulo/O=Layme Inc/OU=server/CN=`hostname -f`/[email protected]"

    # Sign the server cert
    openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
    @@ -15,7 +15,7 @@ cat server.key server.crt > server.pem


    # Generate client cert to be signed
    openssl req -nodes -newkey rsa:2048 -keyout onlyreynaldo.key -out onlyreynaldo.csr -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=client/CN=onlyreynaldo/[email protected]"
    openssl req -nodes -newkey rsa:2048 -keyout onlyreynaldo.key -out onlyreynaldo.csr -subj "/C=BR/ST=SP/L=Sao Paulo/O=Layme Inc/OU=client/CN=onlyreynaldo/[email protected]"

    # Sign the client cert
    openssl x509 -req -in onlyreynaldo.csr -CA ca.crt -CAkey ca.key -CAserial ca.srl -out onlyreynaldo.crt
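Review bot: Both signing commands (`openssl x509 -req … -out server.crt` in the first hunk and `… -out onlyreynaldo.crt` in the second) omit `-days`, so the certificates get openssl's default lifetime of 30 days and TLS connections will start failing about a month after the script is run. They also pass no `-extfile`, so the server certificate carries no subjectAltName and hostname verification has to fall back on the CN, which some current TLS stacks no longer accept. I would state the lifetime and digest explicitly, e.g. `-days 365 -sha256`, and give the server certificate a SAN through `-extfile` with `subjectAltName=DNS:<server-fqdn>`. The CA's `openssl req -x509` line has the same missing `-days`.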
  3. Reynaldo Layme revised this gist Sep 6, 2020. 1 changed file with 3 additions and 3 deletions.
    6 changes: 3 additions & 3 deletions mongodb-ssl.sh
    @@ -15,13 +15,13 @@ cat server.key server.crt > server.pem


    # Generate client cert to be signed
    openssl req -nodes -newkey rsa:2048 -keyout client.key -out client.csr -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=client/CN=onlyreynaldo/[email protected]"
    openssl req -nodes -newkey rsa:2048 -keyout onlyreynaldo.key -out onlyreynaldo.csr -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=client/CN=onlyreynaldo/[email protected]"

    # Sign the client cert
    openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAserial ca.srl -out client.crt
    openssl x509 -req -in onlyreynaldo.csr -CA ca.crt -CAkey ca.key -CAserial ca.srl -out onlyreynaldo.crt

    # Create client PEM file
    cat client.key client.crt > client.pem
    cat client.key client.crt > onlyreynaldo.pem


    # Create clientPFX file (for Java, C#, etc)
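Review bot: The client PEM step still reads the old inputs: `cat client.key client.crt > onlyreynaldo.pem` names files this revision no longer generates, because the request and signing lines above it now write `onlyreynaldo.key` and `onlyreynaldo.crt`. In a clean directory the bundle comes out empty, and in a directory holding files from an earlier run it silently packages the previous key and certificate under the new name. The line should read `cat onlyreynaldo.key onlyreynaldo.crt > onlyreynaldo.pem`; keeping the base name in one variable such as `client=onlyreynaldo` would prevent this kind of partial rename. Which of the two printed `cat` lines is the new side is inferred from the rename, since the page has lost its +/- markers.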
  4. Reynaldo Layme revised this gist Sep 6, 2020. 1 changed file with 3 additions and 3 deletions.
    6 changes: 3 additions & 3 deletions mongodb-ssl.sh
    @@ -1,11 +1,11 @@
    #!/bin/sh

    # Generate self signed root CA cert
    openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com"
    openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=root/CN=`hostname -f`/emailAddress=layme.reynaldo@icloud.com"


    # Generate server cert to be signed
    openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=server/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com"
    openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=server/CN=`hostname -f`/emailAddress=layme.reynaldo@icloud.com"

    # Sign the server cert
    openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
    @@ -15,7 +15,7 @@ cat server.key server.crt > server.pem


    # Generate client cert to be signed
    openssl req -nodes -newkey rsa:2048 -keyout client.key -out client.csr -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=client/CN=`hostname -f`/emailAddress=kevinadi@mongodb.com"
    openssl req -nodes -newkey rsa:2048 -keyout client.key -out client.csr -subj "/C=BR/ST=SP/L=São Paulo/O=Layme Inc/OU=client/CN=onlyreynaldo/emailAddress=onlyreynaldo@hotmail.com"

    # Sign the client cert
    openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAserial ca.srl -out client.crt
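Review bot: The new `-subj` strings contain the non-ASCII value `L=São Paulo`, but none of the three `openssl req` calls passes `-utf8`, so openssl interprets the field values as ASCII by default and may reject the subject or encode it incorrectly, depending on version and locale. Adding `-utf8` to each `openssl req` keeps the accented name intact. The `/C=BR/ST=SP/L=…/O=Layme Inc` prefix is also repeated in all three commands; holding it in one variable would keep the CA, server and client subjects consistent.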
  5. @kevinadi kevinadi revised this gist Sep 10, 2019. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion mongodb-ssl.sh
    @@ -30,7 +30,7 @@ cat client.key client.crt > client.pem

    # Start mongod with SSL
    # mkdir -p data/db
    # mongod --sslMode requireSSL --sslPEMKeyFile cert.pem --sslCAFile ca.crt --dbpath data/db --logpath data/mongod.log --fork
    # mongod --sslMode requireSSL --sslPEMKeyFile server.pem --sslCAFile ca.crt --dbpath data/db --logpath data/mongod.log --fork

    # Connect to mongod with SSL
    # mongo --ssl --sslCAFile ca.crt --sslPEMKeyFile client.pem --host `hostname -f`
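Review bot: The corrected example starts mongod with TLS but without `--auth`, so as written a client presenting a certificate signed by `ca.crt` gets an encrypted connection and, unless access control is enabled in a config file not shown here, unrestricted access to the server. I would add `--auth` to the commented `mongod` line and note that the client certificate's subject has to be created as a user in the `$external` database for x.509 authentication. From MongoDB 4.2 the `--ssl*` options are deprecated aliases; the equivalents are `--tlsMode requireTLS`, `--tlsCertificateKeyFile` and `--tlsCAFile`.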
  6. @kevinadi kevinadi created this gist Feb 24, 2017.
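--- a/mongodb-ssl.sh
+++ b/mongodb-ssl.sh
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# Generate self signed root CA cert
+openssl req -nodes -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=root/CN=`hostname -f`/[email protected]"
+
+
+# Generate server cert to be signed
+openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=server/CN=`hostname -f`/[email protected]"
+
+# Sign the server cert
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
+
+# Create server PEM file
+cat server.key server.crt > server.pem
+
+
+# Generate client cert to be signed
+openssl req -nodes -newkey rsa:2048 -keyout client.key -out client.csr -subj "/C=AU/ST=NSW/L=Sydney/O=MongoDB/OU=client/CN=`hostname -f`/[email protected]"
+
+# Sign the client cert
+openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAserial ca.srl -out client.crt
+
+# Create client PEM file
+cat client.key client.crt > client.pem
+
+
+# Create clientPFX file (for Java, C#, etc)
+# openssl pkcs12 -inkey client.key -in client.crt -export -out client.pfx
+
+
+# Start mongod with SSL
+# mkdir -p data/db
+# mongod --sslMode requireSSL --sslPEMKeyFile cert.pem --sslCAFile ca.crt --dbpath data/db --logpath data/mongod.log --fork
+
+# Connect to mongod with SSL
+# mongo --ssl --sslCAFile ca.crt --sslPEMKeyFile client.pem --host `hostname -f`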
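Review bot: Nothing stops the script after a failed step: if the CA `openssl req` fails, both `openssl x509 -req` calls run against a missing `ca.key`, and the `cat` lines still write `server.pem` and `client.pem` holding a private key with no certificate. Adding `set -eu` directly under the shebang makes the first failure abort the run. `hostname -f` is also expanded unchecked inside the `-subj` strings, so on a host where it fails or prints nothing the CN is empty. Capturing it once with `fqdn=$(hostname -f) || exit 1` and using `$fqdn` in the three subjects covers that case.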