https://pulumi.com logo
s

steep-cartoon-89174

10/21/2021, 5:20 PM
or more generally worked with certificates and pulumi ?
b

billowy-army-68599

10/21/2021, 5:22 PM
yes! you can create certificates using the tls provider https://www.pulumi.com/registry/packages/tls/api-docs/certrequest/
s

steep-cartoon-89174

10/21/2021, 5:35 PM
For now I've create a private key, created a SelfSignedCertificate with isCaCertificate=true and some allowed uses, I'm a bit confused now, how do I create a server and client certificate based on the CA ?
with the CertRequest ?
b

billowy-army-68599

10/21/2021, 5:52 PM
yep, you need to sign your key with the CA's private key, so you'd use a generate a new private key, and sign it using
CertRequest
and then use
LocalSignedCert
what language are you using? I can try throw together an example
s

steep-cartoon-89174

10/21/2021, 5:58 PM
typescript
but I can read any 🙂
b

billowy-army-68599

10/21/2021, 6:18 PM
s

steep-cartoon-89174

10/21/2021, 6:45 PM
awesome !! will try asap !
thx a lot !
why do you set the private key as the parent of the CA ? isn't that only for components ?
b

billowy-army-68599

10/22/2021, 3:05 PM
@steep-cartoon-89174 no, it's also for the UI rendering too
2 Views