k3d_outils/enabled-pki.sh
Laurent Drogou 968716ec76 🎉 initial commit
2022-04-06 15:33:57 +02:00


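#!/bin/sh
# Bootstrap a development PKI secrets engine in Vault: mount it, create a
# self-signed root CA for dev.localhost, define one issuing role, and install
# the "pki" policy for certificate consumers.
#
# Meant to run inside the Vault pod, reached with:
#kubectl exec --stdin=true --tty=true vault-0 -- /bin/sh
# Assumes VAULT_ADDR and a token allowed to manage mounts and policies are
# already available in that shell - TODO confirm.
#
# Run it as a script (sh enabled-pki.sh). With `set -e`, pasting these lines
# into an interactive shell would close that shell on the first failure.

# Stop at the first failing step so later writes never run against a mount
# that is missing or only half configured. Consequence: a second run stops at
# `vault secrets enable`, because the pki/ mount already exists.
set -eu

# Mount the PKI engine at pki/ and raise its lease ceiling to one year so the
# root certificate below can be issued with ttl=8760h.
vault secrets enable pki
vault secrets tune -max-lease-ttl=8760h pki

# "internal" keeps the CA private key inside Vault; it is not returned.
# NOTE(review): leaf certificates are signed directly by this root (no
# intermediate CA). Acceptable for a throwaway dev cluster only.
vault write pki/root/generate/internal common_name=dev.localhost ttl=8760h

# These URLs are embedded in every issued certificate (CA issuer and CRL).
# NOTE(review): the http:// scheme on port 8200 suggests the Vault listener
# runs without TLS - confirm. If so, tokens sent to the API are not protected
# in transit inside the cluster.
vault write pki/config/urls issuing_certificates="http://vault.default:8200/v1/pki/ca" crl_distribution_points="http://vault.default:8200/v1/pki/crl"

# Role limiting issuance to subdomains of dev.localhost, valid at most 72h.
vault write pki/roles/dev-dot-localhost allowed_domains=dev.localhost allow_subdomains=true max_ttl=72h

# Policy attached to certificate consumers.
# NOTE(review): "pki*" is a prefix match, so read/list also covers any other
# path or mount whose name starts with "pki", not just this mount.
# NOTE(review): create/update on pki/roles/dev-dot-localhost lets a token with
# this policy rewrite the role itself (allowed_domains, max_ttl, ...), so the
# role no longer bounds what that token can get signed. Drop that line unless
# a consumer really has to manage the role - verify against the consumers.
# The delimiter is quoted so the policy body is passed through literally.
vault policy write pki - <<'EOF'
path "pki*" { capabilities = ["read", "list"] }
path "pki/roles/dev-dot-localhost" { capabilities = ["create", "update"] }
path "pki/sign/dev-dot-localhost" { capabilities = ["create", "update"] }
path "pki/issue/dev-dot-localhost" { capabilities = ["create"] }
EOF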