WIP implement cert generation script

InfoSecInnovations · Dec 6, 2024 · 7bdfccc · 7bdfccc
1 parent 987e76e
commit 7bdfccc
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/concierge_packages/launcher/src/launch_concierge/concierge_installer/arguments.py b/concierge_packages/launcher/src/launch_concierge/concierge_installer/arguments.py
@@ -49,7 +49,7 @@ def logging_enabled(processor: ArgumentProcessor):
         key="language_model",
         help="What language model will this Concierge instance use?",
         description=[
-            "NOTE: this feature is not implement yet, Concierge will always use mistral, model selection coming soon™!"
+            "NOTE: this feature is not implement yet, Concierge will always use mistral, model selection coming soon™!",
             "Which language model do you want to use? ",
             "note: the current recommended default for Concierge is mistral.",
             "For more info on language models available please go here:",

diff --git a/generate.ps1 b/generate.ps1
@@ -0,0 +1,10 @@
+rm *.pem
+
+# 1. Generate CA's private key and self-signed certificate
+openssl req -x509 -newkey rsa:4096 -days 365 -nodes -keyout ca-key.pem -out ca-cert.pem -subj "/C=US/ST=Ohio/L=Dublin/O=Self Sign/OU=Certificate Authority/CN=localhost"
+
+# 2. Generate web server's private key and certificate signing request (CSR)
+openssl req -newkey rsa:4096 -nodes -keyout server-key.pem -out server-req.pem -subj "/C=US/ST=Ohio/L=Dublin/O=Self Sign/OU=Server/CN=localhost" -addext "subjectAltName=DNS:keycloak,DNS:localhost"
+
+# 3. Use CA's private key to sign web server's CSR and get back the signed certificate
+openssl x509 -req -in server-req.pem -days 60 -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem -copy_extensions copy