34 lines
1.6 KiB
Bash
Executable File
34 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# Copyright 2020 PingCAP, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
set -eu
|
|
cur_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
|
|
|
|
mkdir -p $TEST_DIR/certs
|
|
openssl ecparam -out "$TEST_DIR/certs/ca.key" -name prime256v1 -genkey
|
|
# CA's Common Name must not be the same as signed certificate.
|
|
openssl req -new -batch -sha256 -subj '/CN=br_tests' -key "$TEST_DIR/certs/ca.key" -out "$TEST_DIR/certs/ca.csr"
|
|
openssl x509 -req -sha256 -days 2 -in "$TEST_DIR/certs/ca.csr" -extfile "${cur_dir}/config/rootca.conf" -extensions ext -signkey "$TEST_DIR/certs/ca.key" -out "$TEST_DIR/certs/ca.pem"
|
|
for cluster in tidb pd tikv lightning tiflash curl ticdc br; do
|
|
openssl ecparam -out "$TEST_DIR/certs/$cluster.key" -name prime256v1 -genkey
|
|
openssl req -new -batch -sha256 -subj '/CN=localhost' -key "$TEST_DIR/certs/$cluster.key" -out "$TEST_DIR/certs/$cluster.csr"
|
|
openssl x509 -req -sha256 -days 1 -extensions EXT -extfile "${cur_dir}/config/ipsan.cnf" \
|
|
-in "$TEST_DIR/certs/$cluster.csr" \
|
|
-CA "$TEST_DIR/certs/ca.pem" \
|
|
-CAkey "$TEST_DIR/certs/ca.key" \
|
|
-CAcreateserial -out "$TEST_DIR/certs/$cluster.pem"
|
|
done
|