step_ca


Step CA Docker

Introduction

Create your own Certificate Authority with the Step CA Docker image.

Installation

Create the directory that holds the Step CA data (it is mounted into the container as /home/step)

mkdir -p /opt/step-ca/data
chown 1000:1000 /opt/step-ca/data
chmod 700 /opt/step-ca/data

Initial config

docker run -it -v /opt/step-ca/data:/home/step smallstep/step-ca step ca init --acme

Create the password file (run the echo and chmod commands inside the container shell opened by the first command)

docker run -it -v /opt/step-ca/data:/home/step smallstep/step-ca bash
echo -n "password" > secrets/password
chmod 600 secrets/password

Alter the config file

/opt/step-ca/data/config/ca.json
.
.
"authority": {
  "provisioners": [
    {
.
.
      "encryptedKey": "<secret key already set by init>",
      "claims": {
        "minTLSCertDuration": "8760h0m0s",
        "maxTLSCertDuration": "17520h0m0s",
        "defaultTLSCertDuration": "8760h0m0s",
        "enableSSHCA": false,
        "disableRenewal": false,
        "allowRenewalAfterExpiry": false
      },
      "options": {
        "x509": {},
        "ssh": {}
      }
    },
    {
      "type": "ACME",
      "name": "heitmann",
      "claims": {
        "maxTLSCertDuration": "2160h0m0s",
        "defaultTLSCertDuration": "2160h0m0s",
        "enableSSHCA": true,
        "disableRenewal": false,
        "allowRenewalAfterExpiry": false
      },
      "options": {
        "x509": {},
        "ssh": {}
      }
    }
  ],
.
.
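
An added example (not part of the original wiki page or the step-ca project): a small audit of the provisioner claims in ca.json that computes each provisioner's effective TLS certificate lifetimes and checks that min <= default <= max. The fallback defaults (5m / 24h / 24h), the first provisioner's type and name, and the function names are assumptions.

```python
import json
import re

# Assumption: step-ca's built-in claim defaults, applied when neither the
# provisioner nor the authority-level "claims" block sets a value.
DEFAULTS = {"minTLSCertDuration": "5m", "maxTLSCertDuration": "24h",
            "defaultTLSCertDuration": "24h"}
UNITS = {"h": 3600, "m": 60, "s": 1}  # the only units this page's config uses


def seconds(duration):
    """Convert a Go-style duration such as '8760h0m0s' to seconds."""
    parts = re.findall(r"(\d+)([hms])", duration)
    if not parts or "".join(n + u for n, u in parts) != duration:
        raise ValueError(f"unsupported duration: {duration!r}")
    return sum(int(n) * UNITS[u] for n, u in parts)


def audit(config):
    """Return (name, effective claims in seconds, problems) per provisioner."""
    authority = config["authority"]
    results = []
    for prov in authority["provisioners"]:
        claims = {**DEFAULTS, **authority.get("claims", {}), **prov.get("claims", {})}
        lo, hi, default = (seconds(claims[k]) for k in DEFAULTS)  # min, max, default
        problems = []
        if lo > hi:
            problems.append("min exceeds max")
        if not lo <= default <= hi:
            problems.append("default outside [min, max]")
        effective = {"min": lo, "max": hi, "default": default}
        results.append((prov.get("name", "?"), effective, problems))
    return results


# Constructed sample; the first provisioner's type and name are placeholders.
SAMPLE = json.loads("""
{"authority": {"provisioners": [
  {"type": "JWK", "name": "first-provisioner",
   "claims": {"minTLSCertDuration": "8760h0m0s", "maxTLSCertDuration": "17520h0m0s",
              "defaultTLSCertDuration": "8760h0m0s"}},
  {"type": "ACME", "name": "heitmann",
   "claims": {"maxTLSCertDuration": "2160h0m0s", "defaultTLSCertDuration": "2160h0m0s"}}
]}}
""")

if __name__ == "__main__":
    for name, eff, problems in audit(SAMPLE):
        print(name, {k: f"{v / 86400:g} days" for k, v in eff.items()}, problems or "ok")
```

To check the real file, load /opt/step-ca/data/config/ca.json with json.load and pass the result to audit().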
step_ca.1754211313.txt.gz · Last modified: by herwarth