Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- # CA
- openssl genrsa -out ca-key.pem 2048
- openssl req -x509 -new -nodes -key ca-key.pem -days 10000 -out ca.pem -subj "/CN=kube-ca"
- # API SERVER
- openssl genrsa -out apiserver-key.pem 2048
- openssl req -new -key apiserver-key.pem -out apiserver.csr -subj "/CN=kube-apiserver" -config openssl.cnf
- openssl x509 -req -in apiserver.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out apiserver.pem -days 10000 -extensions v3_req -extfile openssl.cnf
- # Worker
- openssl genrsa -out worker-key.pem 2048
- openssl req -new -key worker-key.pem -out worker.csr -subj "/CN=kube-worker" -config worker-openssl.cnf
- openssl x509 -req -in worker.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out worker.pem -days 10000 -extensions v3_req -extfile worker-openssl.cnf
- # Admin key
- openssl genrsa -out admin-key.pem 2048
- openssl req -new -key admin-key.pem -out admin.csr -subj "/CN=kube-admin"
- openssl x509 -req -in admin.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out admin.pem -days 10000
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement