db/pgbackrest
1
0
Fork 0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2024-12-14 10:13:05 +02:00
Code Issues Releases Activity
943b80e1a7
pgbackrest/doc/resource/fake-cert/README.md

29 lines
1.1 KiB
Markdown
Raw Normal View History

Use minio as local S3 emulator in documentation. The documentation was relying on a ScalityS3 container built for testing which wasn't very transparent. Instead, use the stock minio container and configure it in the documentation. Also, install certificates and CA so that TLS verification can be enabled.
2019-05-27 13:37:20 +02:00
# pgBackRest Documentation Certificates
The certificates in this directory are used for documentation generation only and should not be used for actual services.
## pgBackRest CA
Generate a CA that will be used to sign documentation certificates. It can be installed in the documentation containers to make certificates signed by it valid.
```
cd [pgbackrest-root]/doc/resource/fake-cert
openssl ecparam -genkey -name prime256v1 | openssl ec -out ca.key
openssl req -new -x509 -extensions v3_ca -key ca.key -out ca.crt -days 99999 \
-subj "/C=US/ST=All/L=All/O=pgBackRest/CN=pgbackrest.org"
```
## S3 Certificate
Mimic an S3 certificate for the `us-east-1`/`us-east-2` region to generate S3 documentation.
```
cd [pgbackrest-root]/doc/resource/fake-cert
openssl ecparam -genkey -name prime256v1 | openssl ec -out s3-server.key
openssl req -new -sha256 -nodes -out s3-server.csr -key s3-server.key -config s3.cnf
openssl x509 -req -in s3-server.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
-out s3-server.crt -days 99999 -extensions v3_req -extfile s3.cnf
```
Reference in New Issue Copy Permalink