https://github.com/fizzywhizbang/homeca
scripts to quickly get a CFSSL CA up and running on nix machines
https://github.com/fizzywhizbang/homeca
bash cfssl pki self-signed-certificate ssl ssl-certificates tls
Last synced: about 2 months ago
JSON representation
scripts to quickly get a CFSSL CA up and running on nix machines
- Host: GitHub
- URL: https://github.com/fizzywhizbang/homeca
- Owner: fizzywhizbang
- Created: 2023-01-07T16:09:30.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-01-08T00:03:46.000Z (over 3 years ago)
- Last Synced: 2025-07-27T10:36:40.998Z (12 months ago)
- Topics: bash, cfssl, pki, self-signed-certificate, ssl, ssl-certificates, tls
- Language: Shell
- Homepage:
- Size: 12.7 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# homeCA
To keep it simple I created some bash scripts to quickly and easily setup a root CA and intermediate CA
These scripts will ask questions and build the json files for you executing the necessary CFSSL
commands to generate your Certificate Authority.
###
Please take the time to let me know how I can make the more simple
## Requirements
Install CFSSL https://github.com/cloudflare/cfssl
MacOS or Linux system with Bash
## Instructions
each of these steps will ask for all the necessary input to complete its task
If you like you can run the menu (./menu.sh) which may help getting started *or not*
Run Step 1 to create your root ca *(this will create a directory named root)*
Run Step 2 to generate CSR for your intermediate CA *(this will create a directory named intermediate and create your intermediate config file)*
*note: these scripts allow for multiple intermediates*
Run Step 3 to sign the certificates for the intermediate CA *(these will be saved with _sig in the name)*
Run either of the two Step 4 files to create a client or a server certificate *(this will create a directory named clients)*
### Additional files
a script to convert pem to p12
### MacOS
a script to add your cert to a MacOS trust store *(this will need to be manually trusted)*