admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
29d079babc6d5e1335ee4e4064b03201341f6c49
twenty/packages/twenty-server/scripts/ssl-generation/README.md
Antoine Moreaux eb39288583 feat(server): allow to use ssl on server (#8722)
2024-11-26 15:30:51 +00:00

74 lines
2.4 KiB
Markdown
Raw Blame History

# Local SSL Certificate Generation Script
This Bash script helps generate self-signed SSL certificates for local development. It uses OpenSSL to create a root certificate authority, a domain certificate, and configures them for local usage.
## Features
- Generates a private key and root certificate.
- Creates a signed certificate for a specified domain.
- Adds the root certificate to the macOS keychain for trusted usage (macOS only).
- Customizable with default values for easier use.
## Requirements
- OpenSSL
## Usage
### Running the Script
To generate certificates using the default values:
```sh
./script.sh
```
### Specifying Custom Values
1. **Domain Name**: Specify the domain name for the certificate. Default is `localhost.com`.
2. **Root Certificate Name**: Specify a name for the root certificate. Default is `myRootCertificate`.
3. **Validity Days**: Specify the number of days the certificate is valid for. Default is `398` days.
#### Examples:
1. **Using Default Values**:
```sh
./script.sh
```
2. **Custom Domain Name**:
```sh
./script.sh example.com
```
3. **Custom Domain Name and Root Certificate Name**:
```sh
./script.sh example.com customRootCertificate
```
4. **Custom Domain Name, Root Certificate Name, and Validity Days**:
```sh
./script.sh example.com customRootCertificate 398
```
## Script Details
1. **Check if OpenSSL is Installed**: Ensures OpenSSL is installed before executing.
2. **Create Directory for Certificates**: Uses `~/certs/{domain}`.
3. **Generate Root Certificate**: Creates a root private key and certificate.
4. **Add Root Certificate to macOS Keychain**: Adds root certificate to macOS trusted store (requires admin privileges).
5. **Generate Domain Key**: Produces a private key for the domain.
6. **Create CSR**: Generates a Certificate Signing Request for the domain.
7. **Generate Signed Certificate**: Signs the domain certificate with the root certificate.
## Output Files
The generated files are stored in `~/certs/{domain}`:
- **Root certificate key**: `{root_cert_name}.key`
- **Root certificate**: `{root_cert_name}.pem`
- **Domain private key**: `{domain}.key`
- **Signed certificate**: `{domain}.crt`
## Notes
- If running on non-macOS systems, you'll need to manually add the root certificate to your trusted certificate store.
- Ensure that OpenSSL is installed and available in your PATH.
Reference in New Issue View Git Blame Copy Permalink