k8s dashboard 一键生成ssl证书脚本

k8s dashboard 一键生成ssl证书脚本

#!/bin/bash
openssl genrsa -out ca.key 2048
openssl req -new -x509 -key ca.key -out ca.crt -days 3650 -subj "/C=CN/ST=HB/L=WH/O=DM/OU=YPT/CN=CA"
openssl genrsa -out dashboard.key 2048
openssl req -new -sha256 -key dashboard.key -out dashboard.csr -subj "/C=CN/ST=HB/L=WH/O=DM/OU=YPT/CN=$1"
echo "extensions = san
[san]
keyUsage = digitalSignature
extendedKeyUsage = clientAuth,serverAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
subjectAltName = IP:$1,IP:127.0.0.1,DNS:$1,DNS:localhost
" > dashboard.cnf
openssl x509 -req -sha256 -days 3650 -in dashboard.csr -out dashboard.crt -CA ca.crt -CAkey ca.key -CAcreateserial -extfile dashboard.cnf
rm -f dashboard.csr dashboard.cnf ca.srl ca.key
echo "create completed"

创建一个 dashboardkey.sh 然后把以上内容复制进去。
chmod a+x dashboardkey.sh
./dashboardkey.sh 192.168.2.222
—192.168.2.222 某台机器IP

你可能感兴趣的:(k8s)