mirror of
https://github.com/mongodb/mongo.git
synced 2024-12-01 09:32:32 +01:00
38 lines
1.1 KiB
Plaintext
38 lines
1.1 KiB
Plaintext
# To create a Server PEM key off of this file, just run
|
|
# openssl genrsa -out server.key 2048
|
|
# openssl req -new -key server.key -out server.csr -config openssl_SAN.csr.in -extensions v3_req #Creates the unsigned server certificate (change v3_req to whatever extensions in the cfg file)
|
|
# openssl x509 -req -days 3650 -in server.csr -CA ca.pem -set_serial 01 -out server.crt -extfile openssl_SAN2.csr.in -extensions v3_req #Creates the signed server certificate
|
|
# cat server.crt server.key > server.pem #Joins the signed cert with the key for the server pem
|
|
|
|
[ ca ]
|
|
|
|
default_ca = CA_default
|
|
|
|
[ CA_default ]
|
|
dir = .
|
|
certificate = $dir/ca.pem
|
|
|
|
|
|
[ req ]
|
|
default_bits = 4096
|
|
default_keyfile = privateKey.pem
|
|
distinguished_name = dn
|
|
prompt = no
|
|
req_extensions = v3_req
|
|
|
|
[ dn ]
|
|
C = US
|
|
ST = New York
|
|
L = New York City
|
|
O = MongoDB
|
|
OU = Kernel Users
|
|
CN = Kernel Client Peer Role
|
|
|
|
[ v3_req ]
|
|
subjectAltName = @alt_names
|
|
|
|
[ alt_names ]
|
|
DNS.1 = localhost
|
|
IP.1 = 127.0.0.1
|
|
IP.2 = ::1
|