Create Certificate for Envoy

From Logic Wiki
Jump to: navigation, search


Installing Ubuntu WSL in windows run this command in Powershell :

wsl --install -d Ubuntu

After the installation run the command in ubuntu

explorer.exe .

Create a new file "https.config" and put these lines in it. Change localhosts if needed

[ req ]
default_bits       = 2048
default_md         = sha256
default_keyfile    = key.pem
prompt             = no
encrypt_key        = no

distinguished_name = req_distinguished_name
req_extensions     = v3_req
x509_extensions    = v3_req

[ req_distinguished_name ]
commonName             = "localhost"

[ v3_req ]
subjectAltName      = DNS:localhost
keyUsage            = critical, digitalSignature, keyEncipherment
extendedKeyUsage    = critical, 1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2 

Run the command below in shell

openssl req -config https.config -new -out csr.pem

and then

openssl x509 -req -days 365 -extfile https.config -extensions v3_req -in csr.pem -signkey key.pem -out https.crt

They produce these files

  • https.crt
  • key.pem

in the explorer copy them and paste into Envoy folder where dockerfile is located

Importing the certificate to trusted certificates

  • run certmgr to go to certificate manager in windows
  • go to Trusted Root Certification Authorities
  • right click -> All Tasks -> Import
  • Next
  • Browse -> Locate Envoy folder and https.crt
  • OK-> ok whatever