docker-cfssl

CFSSL for Docker Container Image

docker-compose

Required package for wait-for-it and jq

OpenSSL mTLS Test

terminal 1

 $ docker-compose down
 $ docker-compose up -d
 $ wait-for-it localhost:8080
 $ cd testdata
 $ docker cp cfssl:/etc/cfssl/root-ca-crt.pem .
 $ docker cp cfssl:/etc/cfssl/lower-ca-crt.pem .
 $ cat root-ca-crt.pem lower-ca-crt.pem > chain.pem
 $ cfssl print-defaults csr | cfssl gencert -remote localhost:8888 -profile server - | cfssljson -bare server
 $ cfssl print-defaults csr | cfssl gencert -remote localhost:8888 -profile client - | cfssljson -bare client
 $ openssl s_server -CAfile chain.pem -key server-key.pem -cert server.pem -accept 4433 -state

terminal 2

 $ openssl s_client -connect localhost:4433 -CAfile chain.pem -key client-key.pem -cert client.pem -state < /dev/null

Revoke Client Certificate

 $ docker-compose down
 $ docker-compose up -d
 $ wait-for-it localhost:8080
 $ ./scripts/revoke-client-certificate.sh

Name		Name	Last commit message	Last commit date
Latest commit History 28 Commits
cfssl @ e905e91		cfssl @ e905e91
goose @ 8488cc4		goose @ 8488cc4
injection		injection
scripts		scripts
testdata		testdata
.dockerignore		.dockerignore
.gitignore		.gitignore
.gitmodules		.gitmodules
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
docker-compose-test.yml		docker-compose-test.yml
docker-compose.yml		docker-compose.yml

License

takumin/docker-cfssl

Folders and files

Latest commit

History

Repository files navigation

docker-cfssl

docker-compose

OpenSSL mTLS Test

Revoke Client Certificate

Reference

About

Topics

Resources

License

Stars

Watchers

Forks

Languages