cert-gen
Generate TLS certificates for server and client
Synopsis
Cert-Gen
The cert-gen command provides a quick and simple way to generate certificates that can be used for
TLS connections between a torero server and a torero client. TLS provides secure communication channels
between the torero gRPC clients and servers. Securing data transmitted over the network is crucial
when dealing with sensitive data. The generate command addresses many of the complexity of generating
and managing TLS certificates when getting torero servers up and running. It is certainly not required that
certificates referenced by torero are generated using this utility.
Certificates can be configured on the torero server via the configuration variables TORERO_SERVER_PRIVATE_KEY_FILE and
TORERO_SERVER_CERTIFICATE_FILE. Similarly, torero client certificates can be configured via TORERO_CLIENT_PRIVATE_KEY_FILE
and TORERO_CLIENT_CERTIFICATE_FILE.
torero cert-gen [flags]Examples
Default
By default, the torero.crt and torero.key files will be generated in your current directory.
>_ torero cert-gen
Create A New Certificate Combination
Many additional flags to modify the files' security properties are also available.
>_ torero cert-gen \
--cn torero.dev \
--country US \
--days 365 \
--org IT \
--output /etc/torero \
--san localhost,myserver.com,gwtorero.devOptions
-c, --cn string Common Name for the certificate (default "torero.dev")
-C, --country string Country (default "US")
-D, --days int Number of days until the certificate expires (default 365)
-h, --help help for cert-gen
-o, --org string Organization Name (default "automationOrg")
-d, --output string Output directory for the certificates (default "./")
-s, --san string Comma-seperated list of Subject Alternative Names (default "127.0.0.1")Options inherited from parent commands
--config string Path to the configuration file
--raw Displays the result of the command in its raw format
--verbose Enable verbose outputSEE ALSO
- torero - Welcome to torero