-
Notifications
You must be signed in to change notification settings - Fork 140
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Create new ActiveGate and Proxy custom TLS certificates (#4391)
- Loading branch information
1 parent
db6a50e
commit f65822d
Showing
6 changed files
with
105 additions
and
52 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| ## Create Squid proxy certificate | ||
|
|
||
| > openssl req -nodes -x509 -newkey rsa:4096 -keyout spkey.pem -out custom.pem -days 365 -subj "/CN=squid.proxy" -addext="subjectAltName=DNS:squid.proxy,DNS:squid.proxy.svc,DNS:squid.proxy.svc.cluster.local" -addext="basicConstraints=CA:TRUE" | ||
| > | ||
| > cat custom.pem spkey.pem | base64 -w0 | ||
| (!) Copy encoded files to proxy-ssl.yaml:squid-ca-cert.pem field. | ||
|
|
||
| ## Create ActiveGate TLS certificate | ||
|
|
||
| create a private key | ||
| > openssl genrsa -out agkey.pem 2048 | ||
| create a certificate signing request | ||
| > openssl req -key agkey.pem -new -out ag.csr -subj '/CN=dynakube-activegate.dynatrace' | ||
| create a self-signed root CA | ||
| > openssl req -x509 -nodes -sha256 -days 1825 -newkey rsa:2048 -keyout root.pem -out root.crt -subj '/CN=dynakube-activegate.issuer' | ||
| sign certificate signing request with root CA | ||
| > openssl x509 -req -CA root.crt -CAkey root.pem -in ag.csr -out agcrt.pem -days 365 -CAcreateserial -extfile ag.ext | ||
| convert to p12 | ||
| > openssl pkcs12 -export -out agcrtkey.p12 -inkey agkey.pem -in agcrt.pem -certfile root.crt | ||
| append root certificate to agcrt.pem | ||
| > cat root.crt >> agcrt.pem | ||
| (!) Use empty password. | ||
|
|
||
| ## Print the certificate in text form | ||
|
|
||
| > openssl x509 -text -noout -in agcrt.pem | ||
| > | ||
| > openssl pkcs12 -info -in agcrtkey.p12 -nodes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| authorityKeyIdentifier=keyid,issuer | ||
| basicConstraints=CA:FALSE | ||
| subjectAltName = @alt_names | ||
| [alt_names] | ||
| DNS.1 = dynakube-activegate.dynatrace | ||
| DNS.2 = dynakube-activegate.dynatrace.svc | ||
| DNS.3 = dynakube-activegate.dynatrace.svc.cluster.local |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,41 +1,41 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDqDCCApCgAwIBAgIUTrMdIL1V6mZCfDVzJB36N9Kb/vowDQYJKoZIhvcNAQEL | ||
| BQAwJTEjMCEGA1UEAwwaZHluYWt1YmUtYWN0aXZlZ2F0ZS5pc3N1ZXIwHhcNMjQw | ||
| MjAzMTYxODM2WhcNMjUwMjAyMTYxODM2WjAoMSYwJAYDVQQDDB1keW5ha3ViZS1h | ||
| MIIDqDCCApCgAwIBAgIUXLu0L1BM5PpWjDDFmeNFK+3cEV8wDQYJKoZIhvcNAQEL | ||
| BQAwJTEjMCEGA1UEAwwaZHluYWt1YmUtYWN0aXZlZ2F0ZS5pc3N1ZXIwHhcNMjUw | ||
| MjAzMDk1OTU4WhcNMjYwMjAzMDk1OTU4WjAoMSYwJAYDVQQDDB1keW5ha3ViZS1h | ||
| Y3RpdmVnYXRlLmR5bmF0cmFjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC | ||
| ggEBAKiO7ZPq2axVnyXwqerhv3WsRt+GVd4mttvjFuJXoD7b/KuuXypQJbPLnEW0 | ||
| Gob0YOzmLyvppfraT+vynHhJjzniEXj6dVuPeUEgoU/8nbRG09lh+E1/IPfgANNx | ||
| Sj0emK++3vIE65bFULQ89FFJPfvSAeqjtfl0FczQMzc2COp3iQL+7ZO7Ug/wfWP7 | ||
| raVVDsra926IjSlEm7mFN0cKeKjZA91DEJID0Ge50YZ6ZCm1BZGa76mqCmHFmsdY | ||
| TpfbMDoWCInc7bY/M6nS3tNQC/cH0QhDoOLAzHj5hO5+Vy3hOXDVstI7JfwCVwyo | ||
| 29DOzHCGqigYnxv3jHWehk8tPNcCAwEAAaOBzDCByTAfBgNVHSMEGDAWgBSqrFPU | ||
| fx0iICfVB9dzmKX/CHqvqzAJBgNVHRMEAjAAMHwGA1UdEQR1MHOCHWR5bmFrdWJl | ||
| ggEBAL7HE20SHjkWIiYpNt0QC0v3YS31skD/z1eAWlQZJazIhQOSkcmU5RJShzkJ | ||
| oYZPc1zt0WQIUAd1EBFuM7Tc55YBIC9a/PySpvtALMvF11GMt6bRSagUrw5dvJ+T | ||
| odUoxhWgveIzRG0f7sPjny0/McFOcRw5cNDr518tZKDm9X0/2yV7Y0RLXKNIRwEv | ||
| 6pQQl9XXAQ16NxmOAvArdm2LLvLfwrUPNG/XjtOiICmdesWHg6hTMYKXhSkhQYZC | ||
| mE9nvMi7fJMWeZFWIZnHSSFThAy5O73yZZ6S0Il+JnvpSf74a8Qh90Rab3nQL6Yj | ||
| 4aHwWJCVmvP6hEOjJp3UkK75MrUCAwEAAaOBzDCByTAfBgNVHSMEGDAWgBSVn1nI | ||
| X+9ryJ9jZwCslweq6OPLZDAJBgNVHRMEAjAAMHwGA1UdEQR1MHOCHWR5bmFrdWJl | ||
| LWFjdGl2ZWdhdGUuZHluYXRyYWNlgiFkeW5ha3ViZS1hY3RpdmVnYXRlLmR5bmF0 | ||
| cmFjZS5zdmOCL2R5bmFrdWJlLWFjdGl2ZWdhdGUuZHluYXRyYWNlLnN2Yy5jbHVz | ||
| dGVyLmxvY2FsMB0GA1UdDgQWBBSVTtZcoy6Xk65m5qqTSCfK2isTcTANBgkqhkiG | ||
| 9w0BAQsFAAOCAQEAduSHuFzyxPc2iptS3Zoq82SafgBj/rxdM2CgPdn6nKdtKbot | ||
| f0+laaMIoJ0wVxz3jClqMiCPK/l4AFV79bhQwaVRxR8Jp8ebDfKs7WJfxrcoLXvf | ||
| TgjyLmBGx/3ucAGh3CY7gelPUXLyzV6R4siWWzu/6Ln8fBwJDwqMDQShZHIkSXXz | ||
| xr366z5taXBvIjnwgBW0QXTm09b76PRTMbkM1WYIO54EAjW00xhclzVnn0xwseG2 | ||
| fLD9cFcleOovFczlqgVIf2HBe8E+g8WICSW8aeC3CgvpuUtCQZQ1Ha6kEWHc1jop | ||
| nWWvK79XYJjoxHnFchyNkcHHRDeujw9rN9P4fg== | ||
| dGVyLmxvY2FsMB0GA1UdDgQWBBQWFNPIq2M4ysrDoNXKl/NIPNJR+DANBgkqhkiG | ||
| 9w0BAQsFAAOCAQEABYm45MXQ20TVWha4dfQxfZ5WCo4IDWNjR/ND/eaRUA704TG/ | ||
| u1pV2jflclIvfDw9B55u0bH4b5ZCx57oMPOQpvXgLI2qUONpfLqdmg9hTiGd+P7U | ||
| wtm+hOfmCg1YSpVLOdmXF9sglRIUJO9jX7CiFZ1MvFxCYxXkHccBswoSgSTBzhrY | ||
| tLAyEpwgh2YwLVSsq+iBXv6tAI3po9Hpr1d266nMQ9J0ry2aiKR8Id0FKhV9LmZl | ||
| bCKYedOUqpPgOQ/j3eN+SrH+tI2a6RLbkTrOU934dlyd3AMrr2hGUerVRt8ScC5u | ||
| /ryXiTY10wzIkcmjNLvH5q/0TLiyU5SlHzKAEw== | ||
| -----END CERTIFICATE----- | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDKzCCAhOgAwIBAgIUWQkPicmb4jXD6HdHqXh3GKFXF28wDQYJKoZIhvcNAQEL | ||
| BQAwJTEjMCEGA1UEAwwaZHluYWt1YmUtYWN0aXZlZ2F0ZS5pc3N1ZXIwHhcNMjQw | ||
| MjAzMTYxODM2WhcNMjkwMjAxMTYxODM2WjAlMSMwIQYDVQQDDBpkeW5ha3ViZS1h | ||
| MIIDKzCCAhOgAwIBAgIUejLjZYxit5P49BBArjUQ8LUGr3IwDQYJKoZIhvcNAQEL | ||
| BQAwJTEjMCEGA1UEAwwaZHluYWt1YmUtYWN0aXZlZ2F0ZS5pc3N1ZXIwHhcNMjUw | ||
| MjAzMTEzNjUxWhcNMzAwMjAyMTEzNjUxWjAlMSMwIQYDVQQDDBpkeW5ha3ViZS1h | ||
| Y3RpdmVnYXRlLmlzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB | ||
| AMzNzK3Xpqa3vjRt/kE02gH3o3sWAuGaGwQQDSqhBWTk4w36WQJzzAA/Vi9QiUxU | ||
| wFSJ6X4+ctTwcSozBhHlsW796q40X81teDgZyQl0C+cl1x0rO6HrLkBJYQC5A8cy | ||
| kj84eKl3wZCk3GKuOH1zvD3Io4dI6SozeSS5cQb9qMIWqomzvRdJDtyUOgT+RdNQ | ||
| FL/SKR7/V83T9n0qCGlu0GiZUvoSBG/NI2gFzRppJIiOyDkikRUXutzXTmhHxtD9 | ||
| 9zDEkgAjpLMtZ5nfNbaDcvo99XQ0Iq85f/3OMDQC1tc4p4spf3s506MrM7o7pPfZ | ||
| vgQaiVF9kKO3AQH3uVCUx/sCAwEAAaNTMFEwHQYDVR0OBBYEFKqsU9R/HSIgJ9UH | ||
| 13OYpf8Ieq+rMB8GA1UdIwQYMBaAFKqsU9R/HSIgJ9UH13OYpf8Ieq+rMA8GA1Ud | ||
| EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAL3drdFOkEBvDANYKs0Vg4mt | ||
| 2jnEJghSQppY/j7iQWVe5lbVfbvnMOQjio1aeIG2xMu+ZYfEJgrX7x1/h3tni4tI | ||
| cMA0FZg37LavIJTd0b09+fT/O6SVvJFCFnAotezVS7z/aA54r3pxkjt1JEsADzzb | ||
| Cq42IdXkNLiPgqxpAHjI6m83UoS6g6p5+V/Z4sadR6QeIOBxLjO+cEhNz349tm7d | ||
| LDYOO+Ti+Z/yb6d7wyVYNFCLFzHkQPXYvKEwAD0mUOWS9doKQkKgVPj3yK5bBjDW | ||
| UNPmUJ412aSo1aRsEJt6zlvHaHMtfhSieG/PwF+1Z82D8dRLamPLGioan8qp9jM= | ||
| ANe6fMAThI6gccyf/rT6YonH92kGGrkzBK46Gnq1dG6a9Khn3iCCQuTvHzuI+l0x | ||
| vE6nNeEo6gjPjt/7t66rDEmdGwJNvwbF7YxElt/S2X/eTPMMIjdTkfUQTAXbVFWI | ||
| 6Uy1q3g2thuIUohc+IoIJmyFP4hnnPAhN9KwzCwFTxnaqzoVf0gbwrQ6P19M7cpH | ||
| UvH9O/QVbcFBiz88y4eDD+jeXfSYRpP41o3cds1OkueBOWnvPhw91WsVw7BxhlDG | ||
| 17lBKgEbqJ1/4vBKZklkFU0o9WGDccbyGBw1t2nf7dXkKHcgIjQmk4/sebjhsLZr | ||
| i+BVGSKW4GI+t3VvEME2SQMCAwEAAaNTMFEwHQYDVR0OBBYEFP83X0iOEm6+6Az4 | ||
| 3HSnUG5IerqjMB8GA1UdIwQYMBaAFP83X0iOEm6+6Az43HSnUG5IerqjMA8GA1Ud | ||
| EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAC1TNWD/GLdSuspDrwOn7seC | ||
| TQFBRQa6eU8B43ry5+v6YU78lD/CJ5Gm5m5X+u10rEJ4deFCVPm97QEnY6w4QWZR | ||
| NKo8RGza8nN5R2Slip6LpFo62UmfeMyzRzYqNkR3wwlHE0u3aggaTv//VdI3bFtR | ||
| XOL5McGoybsxKHK1Ts22OZRZO6DefvFbU2gPN/Kq1ZRnz7dRqGUEeyCdLQv7+Jo4 | ||
| ZZaVuTvVI5OInPl5nUp43auU6DQeFuYFrB20/G5vx/ycsrnbsClm2y081W7FrSRh | ||
| dljXpdkiJc16liykeFDU/YI5WyNwD7k4jq1n+mZgs/2rgOurjS6oA4eBc+ELn7s= | ||
| -----END CERTIFICATE----- |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,20 +1,31 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIDWDCCAkCgAwIBAgIUVYmiolB97PjZq5Mp/nRbSnzoqoAwDQYJKoZIhvcNAQEL | ||
| BQAwHTEbMBkGA1UEAwwSc3F1aWQucHJveHkuaXNzdWVyMB4XDTI0MDIwMjEzMjQ0 | ||
| M1oXDTI1MDIwMTEzMjQ0M1owFjEUMBIGA1UEAwwLc3F1aWQucHJveHkwggEiMA0G | ||
| CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9uDub9pA47dVq61IAmvOIlOx2Dcrt | ||
| oY9xaf2zw1HBQORIz2ONABiWvq0WK082ZD6sDdwol5YVR8Y6vRhvBiJPMV3WBH8w | ||
| +e8SUazrN/aX4uttfx3cE6DGVvuNDzooFuxMr8aitbtEvgG+3fG6bLma4Xb2Xp8q | ||
| CcRxww3aOKU84mRsRxQmYl4kBGHRnmnvyBQ8uzM9p31TisUYwH9IRbXU1zXfGZpR | ||
| a8XGo61qRo/cUS+KpBEEaLd5CsFEaTmppnVPlmLJj47Ow7enAeucwj4cMOzP9GnP | ||
| 795EUNOtWYzcuxa3FaLN6uGMeCkI8VXZCsfIZnTIILwmtjehmGy5ixLRAgMBAAGj | ||
| gZYwgZMwHwYDVR0jBBgwFoAU7jJjxqWq485VU405vJMQL96JtUEwCQYDVR0TBAIw | ||
| ADBGBgNVHREEPzA9ggtzcXVpZC5wcm94eYIPc3F1aWQucHJveHkuc3Zjgh1zcXVp | ||
| ZC5wcm94eS5zdmMuY2x1c3Rlci5sb2NhbDAdBgNVHQ4EFgQUGMSDkrUtztRk54bs | ||
| 84vZJsgyhAkwDQYJKoZIhvcNAQELBQADggEBAFH/Xd50F7kde0zivHxq0Y4MlEr5 | ||
| +8TnB+icfTSDYl68lv4s3hPcmFOHSvQbPLk9fbK+Z0WXGb43t4WnzwdLoFO+eumD | ||
| NhNcYt/iOpCECoYckjBmtwo4PXLS56UCmNBNWmKAcLSxwpui6HcIPKEecJ5+2Wak | ||
| BVMhE0ooUgW0UEIlxf2P1oO4RqsktdTvfJpcrE2eMxCDqxr3MEETLrIuvYPke6aV | ||
| mUu0vFhvq+i1AIbBYUKHbI/Y5zKfiWfAqTzpJmmwwAgQesg68xu63GGDvvDfaZim | ||
| qFCo5Vr/1iNtCbkGBqQ35c1Ba6Idh68JeHTOF/O4RCaMKsWTJFck2cwnv9s= | ||
| MIIFVDCCAzygAwIBAgIUPiRJza3KU2pXzumVpvyHi67nItkwDQYJKoZIhvcNAQEL | ||
| BQAwFjEUMBIGA1UEAwwLc3F1aWQucHJveHkwHhcNMjUwMjAzMTIxMjQyWhcNMjYw | ||
| MjAzMTIxMjQyWjAWMRQwEgYDVQQDDAtzcXVpZC5wcm94eTCCAiIwDQYJKoZIhvcN | ||
| AQEBBQADggIPADCCAgoCggIBAMFOnjWspDFGJiszWH8wKneVQPNqLoXK0ewm/Ahy | ||
| YLDAW4jiRBeI9J2e6v8JdvZzwiHGYbtJQnYzCdPah7qdeLI3RJ6jLA1iBYjuajI6 | ||
| Dodgf/ihT9z0vwS4UpJ8FNB98QDugngw2dnTzNbCF1HxxxXhWmTHRKPv79qWGg2Q | ||
| MqK7w3mtKPN6ha5DZhNV6ejdcmJZU4L9mOmCJIZEOkU/KKM3hnWQTwT0IzqxppOg | ||
| chCXXtsOZWP1JSWgGebCye2yNQQIksBuHYnjZQc9g/919sowCGZbEZc19kgvaa+I | ||
| jNNAAh5PH+UuSzjupd+HJGZtz39U/pvQmz/ImuntwGZEEMLCY1Lw+H3O2W7bKAac | ||
| hM4QDah5J5En77+lFk+ce0dnctQ76iL1ww0TDiLS5C7oZ5lGfgidXgIYbpsIVhUH | ||
| ee8Ei0Zc6K3smMM4dXsqJtwWERhs0G2u/CvJ1r4gxeIAf5+bihXPGI9lMtPRHa/1 | ||
| 31Sn6UTyZaoizjSYyYmIuIfYMVC5X+DtFUb3wG+/UyStqDqFXPLDS3yHyhj42z8O | ||
| SAx82vZDPO+CIVDzsqhrxg2G9s5gBFzv/xSacElZEwzELa0fcrAra8BLjkFVgdhM | ||
| NsNZ4CYOhF2iuDC9aQmsWKB0jNBujdMm/EPJKUDLKg0+J4rDa85YND96NaKLZKU2 | ||
| c6NdAgMBAAGjgZkwgZYwHQYDVR0OBBYEFAf8Nh6D5ZGPPhVCf8PX8S4p+GpOMB8G | ||
| A1UdIwQYMBaAFAf8Nh6D5ZGPPhVCf8PX8S4p+GpOMEYGA1UdEQQ/MD2CC3NxdWlk | ||
| LnByb3h5gg9zcXVpZC5wcm94eS5zdmOCHXNxdWlkLnByb3h5LnN2Yy5jbHVzdGVy | ||
| LmxvY2FsMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBACsa8L4boFIm | ||
| LZTztUZdQAHZnuJiMHHs2vbvbK3nziaFd9ygf0f/x/xJ4b9Ae5mzAsC+tN65PwRt | ||
| L9nkYr8KmWHUhDjcB0ya74YbNYjlbbOfPkDtH21HGuORDTBe0Dw9acMmXy0ardYu | ||
| cm4/x0I1iAFcOl1OX61U9lb75G2Fj+WObOzWVXBDCJVDkTZ2DN+m4fS/RIEhSrmk | ||
| cCMaIr60sKMOiPXgAIpQGVXEV142Rm8bducoM2xo5ffU+PZ7ZUnO+up35wGSCDpq | ||
| boGpJTILqA68XhsPaoHF6OF/pDRO9oxQ5aYHQl7RaxNizsf0TqhUbYxg5/XURvSj | ||
| gH17Oc0FQihoqSSmEVeUq9iE18uHLCe27eUcl/Uj+oOBX4qvHysdJdFIcPceNrYq | ||
| EdSFFzNirJkT9htnzbXGexWuBBAoiZyFiBjSI/hygkL9C43aHR+ezuOedyUFoW+1 | ||
| xh/4gWaEe01Ws5Un8XqGexNTukPr9+2RtGtvwXm9fUlhYhJKHEsq7Yh1TzSeylLK | ||
| iHE3gabqy9HHwK2iqhR8345F8irFC+7ARHTq55UIvWNojzaW5nwWJDxay+bmP+6r | ||
| EjtP36UUhH8ExAR4d59FAeTi6gH/9NFNf1DWHtd4Cndixs9VEKkQZ1Lx1zbIHFNh | ||
| iJVRSZs2HZVjPAxGuydRHp9J9b7Jka6C | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters