mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-14 19:45:11 +00:00
10c76917ea
nats-io library needs `NATS_HAS_TLS` define to correctly compile-in TLS support fixes #39525
14 lines
821 B
Bash
Executable File
14 lines
821 B
Bash
Executable File
#!/bin/bash
|
|
set -euxo pipefail
|
|
|
|
mkdir -p "${NATS_CERT_DIR}/ca"
|
|
mkdir -p "${NATS_CERT_DIR}/nats"
|
|
openssl req -newkey rsa:4096 -x509 -days 365 -nodes -batch -keyout "${NATS_CERT_DIR}/ca/ca-key.pem" -out "${NATS_CERT_DIR}/ca/ca-cert.pem" -subj "/C=RU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=ca"
|
|
openssl req -newkey rsa:4096 -nodes -batch -keyout "${NATS_CERT_DIR}/nats/server-key.pem" -out "${NATS_CERT_DIR}/nats/server-req.pem" -subj "/C=RU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=server"
|
|
openssl x509 -req -days 365 -in "${NATS_CERT_DIR}/nats/server-req.pem" -CA "${NATS_CERT_DIR}/ca/ca-cert.pem" -CAkey "${NATS_CERT_DIR}/ca/ca-key.pem" -CAcreateserial -out "${NATS_CERT_DIR}/nats/server-cert.pem" -extfile <(
|
|
cat <<-EOF
|
|
subjectAltName = DNS:localhost, DNS:nats1
|
|
EOF
|
|
)
|
|
rm -f "${NATS_CERT_DIR}/nats/server-req.pem"
|