egommerce/stack
1
0
Fork 0
Code Issues 5 Pull Requests Projects Releases Wiki Activity

Fixes in generate cert script

Browse Source
This commit is contained in:
Piotr Biernat
2025-11-05 13:15:09 +01:00
parent dae298bd00
commit 4f1d72ff4d
1 changed files with 6 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
deploy/scripts/gen-certs.sh
View File

@@ -39,7 +39,6 @@ mkdir -p \
${CERTS_DIR}api-cache \
${CERTS_DIR}api-logger \
${CERTS_DIR}db-postgres \
# ${CERTS_DIR}db-mongo \
${CERTS_DIR}identity-svc \
${CERTS_DIR}basket-svc \
${CERTS_DIR}catalog-svc \
@@ -47,12 +46,12 @@ mkdir -p \
${CERTS_DIR}pricing-svc
# Generate Root CA cert
# openssl req -newkey rsa:2048 -nodes -x509 -days 1024 \
# -subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/OU=DevOps Team/CN=Egommerce CA" \
# -keyout ${CERTS_DIR}ca-root/ca-root.key -out ${CERTS_DIR}ca-root/ca-root.crt >/dev/null
openssl req -newkey rsa:2048 -nodes -x509 -days 1024 \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/OU=DevOps Team/CN=Egommerce CA" \
-keyout ${CERTS_DIR}ca-root/ca-root.key -out ${CERTS_DIR}ca-root/ca-root.crt >/dev/null
# Create fullchain pem file
# cat ${CERTS_DIR}ca-root/ca-root.key ${CERTS_DIR}ca-root/ca-root.crt > ${CERTS_DIR}ca-root/ca-root.pem
cat ${CERTS_DIR}ca-root/ca-root.key ${CERTS_DIR}ca-root/ca-root.crt > ${CERTS_DIR}ca-root/ca-root.pem
# Generate Gateway cert
@@ -70,6 +69,7 @@ openssl x509 -req -days 365 \
# Create fullchain pem file
cat ${CERTS_DIR}api-gateway/api-gateway.key ${CERTS_DIR}api-gateway/api-gateway.crt > ${CERTS_DIR}api-gateway/api-gateway.pem
# Generate Eventbus cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$EVENTBUS_CN" \
@@ -108,6 +108,7 @@ openssl x509 -req -days 365 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${LOGGER_SAN}")) \
-out ${CERTS_DIR}api-logger/api-logger.crt >/dev/null
# Generate Postgres cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$POSTGRES_CN" \
@@ -121,19 +122,6 @@ openssl x509 -req -days 365 \
-out ${CERTS_DIR}db-postgres/db-postgres.crt >/dev/null
# Generate Mongo cert
# openssl req -newkey rsa:2048 -nodes \
# -subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$MONGO_CN" \
# -keyout ${CERTS_DIR}db-mongo/db-mongo.key \
# -out ${CERTS_DIR}db-mongo/db-mongo.csr >/dev/null
# openssl x509 -req -days 365 \
# -in ${CERTS_DIR}db-mongo/db-mongo.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
# -CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
# -extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${MONGO_SAN}")) \
# -out ${CERTS_DIR}db-mongo/db-mongo.crt >/dev/null
# Generate Identity cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$IDENTITY_CN" \