Difference between revisions of "Create Certificate for Envoy"

Latest revision as of 12:12, 5 October 2021

Installing Ubuntu WSL in windows run this command in Powershell :

wsl --install -d Ubuntu

After the installation run the command in ubuntu

explorer.exe .

Create a new file "https.config" and put these lines in it. Change localhosts if needed

[ req ]
default_bits       = 2048
default_md         = sha256
default_keyfile    = key.pem
prompt             = no
encrypt_key        = no

distinguished_name = req_distinguished_name
req_extensions     = v3_req
x509_extensions    = v3_req

[ req_distinguished_name ]
commonName             = "localhost"

[ v3_req ]
subjectAltName      = DNS:localhost
keyUsage            = critical, digitalSignature, keyEncipherment
extendedKeyUsage    = critical, 1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2 

Run the command below in shell

openssl req -config https.config -new -out csr.pem

and then

openssl x509 -req -days 365 -extfile https.config -extensions v3_req -in csr.pem -signkey key.pem -out https.crt

They produce these files

• https.crt
• key.pem

in the explorer copy them and paste into Envoy folder where dockerfile is located

Importing the certificate to trusted certificates

• run certmgr to go to certificate manager in windows
• go to Trusted Root Certification Authorities
• right click -> All Tasks -> Import
• Next
• Browse -> Locate Envoy folder and https.crt
• OK-> ok whatever