mirror of
https://github.com/pgbackrest/pgbackrest.git
synced 2024-12-12 10:04:14 +02:00
3e1b06acaa
The documentation was relying on a ScalityS3 container built for testing which wasn't very transparent. Instead, use the stock minio container and configure it in the documentation. Also, install certificates and CA so that TLS verification can be enabled. |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| ca.crt | ||
| ca.key | ||
| README.md | ||
| s3-server.crt | ||
| s3-server.key | ||
| s3.cnf | ||
pgBackRest Documentation Certificates
The certificates in this directory are used for documentation generation only and should not be used for actual services.
pgBackRest CA
Generate a CA that will be used to sign documentation certificates. It can be installed in the documentation containers to make certificates signed by it valid.
cd [pgbackrest-root]/doc/resource/fake-cert
openssl ecparam -genkey -name prime256v1 | openssl ec -out ca.key
openssl req -new -x509 -extensions v3_ca -key ca.key -out ca.crt -days 99999 \
-subj "/C=US/ST=All/L=All/O=pgBackRest/CN=pgbackrest.org"
S3 Certificate
Mimic an S3 certificate for the us-east-1/us-east-2 region to generate S3 documentation.
cd [pgbackrest-root]/doc/resource/fake-cert
openssl ecparam -genkey -name prime256v1 | openssl ec -out s3-server.key
openssl req -new -sha256 -nodes -out s3-server.csr -key s3-server.key -config s3.cnf
openssl x509 -req -in s3-server.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
-out s3-server.crt -days 99999 -extensions v3_req -extfile s3.cnf