Channels
#general
Title
s
steep-cartoon-89174
10/21/2021, 5:20 PMor more generally worked with certificates and pulumi ?
b
billowy-army-68599
10/21/2021, 5:22 PM
yes! you can create certificates using the tls provider
https://www.pulumi.com/registry/packages/tls/api-docs/certrequest/
s
steep-cartoon-89174
10/21/2021, 5:35 PMFor now I've create a private key, created a SelfSignedCertificate with isCaCertificate=true and some allowed uses, I'm a bit confused now, how do I create a server and client certificate based on the CA ?
with the CertRequest ?
b
billowy-army-68599
10/21/2021, 5:52 PM
yep, you need to sign your key with the CA's private key, so you'd use a generate a new private key, and sign it using
CertRequestLocalSignedCertwhat language are you using? I can try throw together an example
s
steep-cartoon-89174
10/21/2021, 5:58 PMtypescript
but I can read any 🙂
b
billowy-army-68599
10/21/2021, 6:18 PM
@steep-cartoon-89174 here you go:
https://github.com/jaxxstorm/pulumi-examples/blob/main/typescript/misc/self_signed_cert/index.ts
s
steep-cartoon-89174
10/21/2021, 6:45 PMawesome !! will try asap !
thx a lot !
why do you set the private key as the parent of the CA ? isn't that only for components ?
b
billowy-army-68599
10/22/2021, 3:05 PM
@steep-cartoon-89174 no, it's also for the UI rendering too
2 Views