mirror of https://github.com/minio/minio.git
69 lines
1.6 KiB
Markdown
69 lines
1.6 KiB
Markdown
|
|
# Generate self signed certificate with GnuTLS under Windows
|
|
|
|
|
|
## 1. Install GnuTLS
|
|
|
|
Download and decompress the Windows version of GnuTLS from [here](http://www.gnutls.org/download.html)
|
|
|
|
Add the directory `gnutls-3.4.9-w64/bin` to your PATH environment and restart your console
|
|
|
|
## 2. Generate private.key
|
|
|
|
Run the following command to create `private.key`
|
|
```
|
|
certtool.exe --generate-privkey --outfile private.key
|
|
```
|
|
|
|
## 3. Generate public.crt
|
|
|
|
The easiest way is to generate certificate is to specify its information under a file. You can find an example below. We'll call that file `cert.cnf`.
|
|
|
|
```
|
|
# X.509 Certificate options
|
|
#
|
|
# DN options
|
|
|
|
# The organization of the subject.
|
|
organization = "Example Inc."
|
|
|
|
# The organizational unit of the subject.
|
|
#unit = "sleeping dept."
|
|
|
|
# The state of the certificate owner.
|
|
state = "Example"
|
|
|
|
# The country of the subject. Two letter code.
|
|
country = "EX"
|
|
|
|
# The common name of the certificate owner.
|
|
cn = "Sally Certowner"
|
|
|
|
# In how many days, counting from today, this certificate will expire.
|
|
expiration_days = 365
|
|
|
|
# X.509 v3 extensions
|
|
|
|
# DNS name(s) of the server
|
|
dns_name = "localhost"
|
|
|
|
# (Optional) Server IP address
|
|
ip_address = "127.0.0.1"
|
|
|
|
# Whether this certificate will be used for a TLS server
|
|
tls_www_server
|
|
|
|
# Whether this certificate will be used to encrypt data (needed
|
|
# in TLS RSA ciphersuites). Note that it is preferred to use different
|
|
# keys for encryption and signing.
|
|
encryption_key
|
|
```
|
|
|
|
Now, it is time to generate the public certificate using this command:
|
|
|
|
```sh
|
|
certtool.exe --generate-self-signed --load-privkey private.key --template cert.cnf --outfile public.crt
|
|
```
|
|
|
|
That's it.
|