Skip to content
Branch: master
Find file History
gyuho *: update links
Signed-off-by: Gyuho Lee <>
Latest commit f2f7fc2 Aug 29, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.

This demonstrates using Cloudflare's cfssl to easily generate certificates for an etcd cluster.

Defaults generate an ECDSA-384 root and leaf certificates for localhost. etcd nodes will use the same certificates for both sides of mutual authentication, but won't require client certs for non-peer clients.


  1. Install git, go, and make
  2. Amend - IP's currently in the config should be replaced/added with IP addresses of each cluster node, please note is always required for loopback purposes:
  "CN": "etcd",
  "hosts": [
  "key": {
    "algo": "ecdsa",
    "size": 384
  "names": [
      "O": "autogenerated",
      "OU": "etcd cluster",
      "L": "the internet"
  1. Run make to generate the certs
You can’t perform that action at this time.