Enable 'client auth' in certificates tool
Without that option X509v3 certificate can be only used for server authentication. While that works for some services, Galera requries this to enable SSL connectivity. Change-Id: Id6ec42aeef06533d56e37c372dbfff3d16c950f0
This commit is contained in:
parent
6f3a0699e3
commit
95c1bd4c87
|
@ -13,69 +13,79 @@ configs:
|
|||
create_certificates: true
|
||||
ca_cert: |
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDAzCCAeugAwIBAgIJALGXjHvRo799MA0GCSqGSIb3DQEBCwUAMBgxFjAUBgNV
|
||||
BAMMDWNsdXN0ZXIubG9jYWwwHhcNMTcwMTI3MTEwNDAzWhcNNDQwNjE0MTEwNDAz
|
||||
WjAYMRYwFAYDVQQDDA1jbHVzdGVyLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOC
|
||||
AQ8AMIIBCgKCAQEAwq4euabI7gTs44zF2i6QyYRSlGS8PG77v7jTwAXQZm6kFmUC
|
||||
CES0b7VMn2H3PCxE2S8BWEp2+N5RXRLTB05tqEj5yukMy0USU3dbpq+HR/vm57Ck
|
||||
iDgqAyOPX9Y2mYMGETBmdmj1cbvH+u0ZGZfDEokfwltDtu7CRsMpQykdduUcgBuX
|
||||
+l09CTbIuwOWMHNdq1W0W/4QhArgDK+klZuf7p5synmHpMgkThheV/9h3aDz20Bw
|
||||
pjfrtXy++Gji6gaJV2N+Ld6DeMUBR0EB6l5cYA2Kpk6j3Yn/zHOnJWP1cvhjuTe3
|
||||
HqWqsCA5D0955u0pi0PrQx+ufl72goxGs1U4kwIDAQABo1AwTjAdBgNVHQ4EFgQU
|
||||
/+jaw7Ctuh7tizBJLRoBub2M0kowHwYDVR0jBBgwFoAU/+jaw7Ctuh7tizBJLRoB
|
||||
ub2M0kowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEApX4MOGUmToDr
|
||||
J1oirJ+HD8qTsfy36uaz/CuMoFK0Xq+dVKLIl8RfwnvC71oTtDCxnsCNtJihhkfy
|
||||
NxttFFfYYX+rllZ0Fs7MUmhIHI7ZBPImR33IzcgHVwidcK7OAVMEJAfL2HeVhW6z
|
||||
38Uu0VGJuNnlcvVRhNBMNI1xPivZ9K/lQiI+rXxdBaebuvkoZJhWV+HHWmTJSfP5
|
||||
9YeKMd4QFHQ8p9wfXKM5p3uhaexMqVJFVKvPPB6mhMLe0J3CSo5/aoy8OZVfuTvA
|
||||
hlSIa4oSUPlGpTc0KIlqpvmhKnkxDa8mr+knhBfxhQ0zw9tkIyFC0n9QwO7toOSg
|
||||
F0GE+MEfsQ==
|
||||
MIIDtjCCAp6gAwIBAgIUC+RCyvJfFg6qZQfyBMt845rpdgkwDQYJKoZIhvcNAQEL
|
||||
BQAwczELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lzY28xCzAJBgNV
|
||||
BAcTAkNBMRgwFgYDVQQKEw9NeSBDb21wYW55IE5hbWUxETAPBgNVBAsTCE9yZyBV
|
||||
bml0MRIwEAYDVQQDEwlNeSBvd24gQ0EwHhcNMTcwMzAyMjIyMzAwWhcNMjIwMzAx
|
||||
MjIyMzAwWjBzMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNU2FuIEZyYW5jaXNjbzEL
|
||||
MAkGA1UEBxMCQ0ExGDAWBgNVBAoTD015IENvbXBhbnkgTmFtZTERMA8GA1UECxMI
|
||||
T3JnIFVuaXQxEjAQBgNVBAMTCU15IG93biBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
|
||||
ggEPADCCAQoCggEBAN1hRNhLyDp8gC3D+s1J0vMBK8icOJyrE+z34c6JcZCUgX0f
|
||||
xwdtwCFj9TGyBsVp6xIRzK1b7YPlMQl47+FlnLPglB7DH4qk2GKooi/SRTVIw83e
|
||||
z8TwP3hdoPy00ZXCqkT391hv3GctoPBjcatHvRYAG+4kS8Wv3vKWteV+e9Yv12Kv
|
||||
1Oz5w3l1PBU7HorhXCHCb1YBfxEirSBpo7a3nEwILLaTFAcVjrBBJc2sa9c2LcRI
|
||||
p/yfp4CoCHJZ8MRnCN0EXKnD4kGS9wuRF6JmzH523v5MDzVc2HrhIuBV1OoY/L8C
|
||||
zgXRB6+ShgMtoRNqIUlft8TPz657nJEkqFlqR28CAwEAAaNCMEAwDgYDVR0PAQH/
|
||||
BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFM/Qckh3b96p4NOTaitm
|
||||
vLbT/Cs8MA0GCSqGSIb3DQEBCwUAA4IBAQABfQflJjp9a3ZdL68b9XrJMoI1ZvL9
|
||||
eulVs0ilI9Q/Ae/Up0uoMpyW1aaDQnzf3N8W7FF9QJmOvqamAH+1P1+JMcZS3J25
|
||||
JG5A3gCMO6TT23ETE2WicjQDUcqJpQSWc1j8TQ1fIv7uZr+FDHzf+UbAslpj/kGU
|
||||
vOPpnZwmLc9o24ZMxroEpR4TYAgaS5VX1mkT8J+1wLAC1XCf0fCOpWcnRmkZuAYj
|
||||
Ql3SBX+SLaiPuOcyjjxlDFOdzFgFgOE0GHrbwc7Q6QEKUwvwKOa09QErcWTx5mOf
|
||||
H2y2PuBLmU3jRw/x+Gwjg39U4Uj5CipAtqKrsEu4rgfo8AloouYvIWR4
|
||||
-----END CERTIFICATE-----
|
||||
server_cert: |
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICrjCCAZYCAf8wDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNY2x1c3Rlci5s
|
||||
b2NhbDAeFw0xNzAxMjcxMTA0NDlaFw00NDA2MTQxMTA0NDlaMCIxIDAeBgNVBAMM
|
||||
FyouY2NwLnN2Yy5jbHVzdGVyLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEA4QM8AS/YbcKSUQpnvtDXY1ILCkZTAwx+aJw9mW8byIrMx8kqdSzD
|
||||
YO8WUoMnIen6LF+m2WIZySQO4UzolTc2t10J15vGpw3XmPwICh9Pb5B5f6Kxhdjb
|
||||
yLcAoYhmPesfs4A+Wrlk5nDCETdDrEYUR4mVG5m/bo9ocAsZWwQmmH2xYeM+I9Be
|
||||
JwmQvBZWZFHjB4Lgf+z7M+STsO9F2o9pNlXvPNhjMLPMzbEFU7BPgCAkvDi/9Wq7
|
||||
DRD0aWniU5JmCGIqUpa8aKpHQIzybJx9ilV4ZMd9hHRgllsrLUFHMyzVwjlJgSeJ
|
||||
qGlyE8Z5W7JK6rECBJ9N/3OuxiRzjenxXwIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQAYe5OzX5OA0FLmfqHtfYKGBRXG+U+ROC1DmALJ5/KUIe8RRUNhBdvoEwxgDNHW
|
||||
+YoDkSqrG7tQQQZzYpmqZArilEVowCHV9QdFeU1peJ8pjMlMPkHLu23HfG3xlEUV
|
||||
yEZUpsCprrYjkN4cg0Cu8e+q5mYj+lPD37MJriWYx9Srz4zo2p5ylN5rKfaAbac2
|
||||
pdFcSvKi/cTFBKVTn95P4dKPQkbTEQgcF8UxnK58aBuOI8GFH46uIw6lfpfiwx9U
|
||||
k1xeHKCsorpDw2x8tekLWH3BXRvdReWTRcUh9CHbmqZ33qdwvHin06mboKqGSfCD
|
||||
7kqc5uJ16r8SP1AY7nxdN274
|
||||
MIIECTCCAvGgAwIBAgIUVWM9dR6M+PffvdsSlMGEkMcV+RowDQYJKoZIhvcNAQEL
|
||||
BQAwczELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lzY28xCzAJBgNV
|
||||
BAcTAkNBMRgwFgYDVQQKEw9NeSBDb21wYW55IE5hbWUxETAPBgNVBAsTCE9yZyBV
|
||||
bml0MRIwEAYDVQQDEwlNeSBvd24gQ0EwHhcNMTcwMzAyMjIyMzAwWhcNMjIwMzAx
|
||||
MjIyMzAwWjBUMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNh
|
||||
biBGcmFuY2lzY28xIDAeBgNVBAMTFyouY2NwLnN2Yy5jbHVzdGVyLmxvY2FsMIIB
|
||||
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxcSayfzt4rxnb3UC5nPn8rm
|
||||
QljYrMnCCeVQeWygbeAkC+rpJELvX5pVii03G7lqKEzFRF935rXgKOqDUENeQzgM
|
||||
Hdg01Qr9bA5mOrs9BD05n7Zt1571U0OzD2c5HvWy9VnJXK/Ep2v8xt0FedqPSjCG
|
||||
Le8U5WXL731bFvHrvpNH0TvJ0VXJDVVa6kGLDtyyU5INisfabUSVcEoJUAhhMJlB
|
||||
Tq8/PrWOyzs4ju8h2OKwufpNDp83mol4RIWkozmT+xSMjyxXfkdQV2wZPwI1oHcn
|
||||
GoiZBHgOAIDAb65dTtzd+4DBOB7rCdUuefPF3cSZsyNPoFMNfy+Ot4rofuxBcQID
|
||||
AQABo4GzMIGwMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
|
||||
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUfVl/9ncTkGeIL3BRIgG7
|
||||
Q5aLFO0wHwYDVR0jBBgwFoAUz9BySHdv3qng05NqK2a8ttP8KzwwMQYDVR0RBCow
|
||||
KIIXKi5jY3Auc3ZjLmNsdXN0ZXIubG9jYWyCDWNsdXN0ZXIubG9jYWwwDQYJKoZI
|
||||
hvcNAQELBQADggEBABAHwNwofOzandLcxM3lMTR7v0pYU4hQVPdzM7Vq7nW+jx9R
|
||||
TWPe8uSs99FXUZ1UvVoGobHQ9alUhP3oLMhva/+pRi+/00rf6bkFd+pGybriRqP/
|
||||
al5mWhufQqt/7ISphsN1A0DuYzAHVg2uDBOqg2isx6UPbankSjq0DgH/0WC0PCWF
|
||||
8f+zqB684VuUjjslXNmmEHEj56ZaEQMs/fzjwTozwIbstC+S2pJTdec+UmIzjbMp
|
||||
/o8dUgvR8eTu0jEt1RqM/hY3SQCstI6CZ3ozKDDPjGNy0EDblwzMoj6sIAO3uRe7
|
||||
Q1rXgPuRZ05X7fF/kYyC0uiLVn+nLP+88t3FPkU=
|
||||
-----END CERTIFICATE-----
|
||||
server_key: |
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEA4QM8AS/YbcKSUQpnvtDXY1ILCkZTAwx+aJw9mW8byIrMx8kq
|
||||
dSzDYO8WUoMnIen6LF+m2WIZySQO4UzolTc2t10J15vGpw3XmPwICh9Pb5B5f6Kx
|
||||
hdjbyLcAoYhmPesfs4A+Wrlk5nDCETdDrEYUR4mVG5m/bo9ocAsZWwQmmH2xYeM+
|
||||
I9BeJwmQvBZWZFHjB4Lgf+z7M+STsO9F2o9pNlXvPNhjMLPMzbEFU7BPgCAkvDi/
|
||||
9Wq7DRD0aWniU5JmCGIqUpa8aKpHQIzybJx9ilV4ZMd9hHRgllsrLUFHMyzVwjlJ
|
||||
gSeJqGlyE8Z5W7JK6rECBJ9N/3OuxiRzjenxXwIDAQABAoIBAD080BvSlahph8Ce
|
||||
gFWiKLxTG8YUFYuC3vRBcVJMttcBT3IgAXoaUKIU75JNN103fGqPLa2D0Vi4g4Q1
|
||||
libl+/IzU/Zl4s6cKczs6pM2qjvGqgpekMnIlygtBfLwWEMJtnr3sACo7Bj7HxXo
|
||||
YHaGLAa8HuSAF2VTiizUGHZ4zrg5GilPf6ULkz69LBRkcm0yr7anG03csB36/b/u
|
||||
ZUpfLCSLFm4xL9bEJGA4s0OjYw6wAbzx0/A3h2+c/f+9n7t5lWt7RfKAf4Jp+oxC
|
||||
3iIb94y5DTClQEbfXR/PAxsRgHd7ly222b8lWEdESHZWcFNzQwOFSCXK+VYS1hca
|
||||
/hGvt+ECgYEA/ukcdsz6RXTde+uMmKwRAIGMoB9IlRUXr3XBt4Z/RfQwDs69WKi0
|
||||
Ngefho4XBPPHfXpkifQ+8lCZrb0Yc4OT/7lTAylYrjQo9SjnV+K6F6c9ztarAbEo
|
||||
Nj11YpvHjnWtSc/GDymVzPVZ99A0euFf/sVoecuQDqGgGCKcKAFgtvUCgYEA4flp
|
||||
szy5na+yjp7PzPe8MVSpdqziqZk3KjtZHTc8TxFb29GbJ8/g4sgtWO65ogOpbQca
|
||||
TF2rW8fTzRBkgE6u3wfqcjsBSOVQDCHnP6Q00Vo2sdsCHkyr7btqIjdFxT3tkTXS
|
||||
mNBDJfv3MjtRmNTdtzyH63GuLSbhetLTB1VzyoMCgYEAh4UzRs2u+KIq5ijSdJB1
|
||||
8YjuVGqNUgUGtJesR3/PxkcODbFH5Qy70kW3P/fmsRFRq5oYPWeG15iWO1He3/rC
|
||||
AiBqy7F9ng/I/p2icIzvVofpSj/CZoHi2QNPlv8u1sQlPqqhp4n6RB7kl+UvIW0U
|
||||
dgRJiQb6LW0sCejMkFA7NMkCgYEAoBChdJqxCCcqHagUnaVlorPLjgqMS4IB92Iu
|
||||
j2lOyNsM7Doe4yZ2r20H4hTHXSGm41nCoRFAjjSPrJPN/Ky/ZbAfu2ZcVJxKBS4G
|
||||
tafE2f5C+9ycNYYtyqmUVkQ8oahqHQ+46xGqXr+JrAUkmVM+8cpopLfTnpwJ34xy
|
||||
eqFm8a0CgYEA5v/3J+a1LbWe4PQIpgsCnogf8kLi0JHdwkGSu0K28BVz2Vn1dJyy
|
||||
x8ThRJebbyM1nWgBVvmvEkJyXI8ikCmIORkLGU6Fx8trtqz++JS/+oQkLiMEIV3O
|
||||
Mm6XkTAHmjRyKJatoTngtNWsV2rjw1d/yflP2LtiEN7ghRbWW8MtGUo=
|
||||
MIIEowIBAAKCAQEAqxcSayfzt4rxnb3UC5nPn8rmQljYrMnCCeVQeWygbeAkC+rp
|
||||
JELvX5pVii03G7lqKEzFRF935rXgKOqDUENeQzgMHdg01Qr9bA5mOrs9BD05n7Zt
|
||||
1571U0OzD2c5HvWy9VnJXK/Ep2v8xt0FedqPSjCGLe8U5WXL731bFvHrvpNH0TvJ
|
||||
0VXJDVVa6kGLDtyyU5INisfabUSVcEoJUAhhMJlBTq8/PrWOyzs4ju8h2OKwufpN
|
||||
Dp83mol4RIWkozmT+xSMjyxXfkdQV2wZPwI1oHcnGoiZBHgOAIDAb65dTtzd+4DB
|
||||
OB7rCdUuefPF3cSZsyNPoFMNfy+Ot4rofuxBcQIDAQABAoIBAHAN5V9PRF1C4Cpr
|
||||
CLUsYQKMFjEAFbFdVvu6N/G/BnfQJGu1yEqamEKqRzn/kSdUUcXhOhYk3Ne66PyD
|
||||
U8u+w78Mt0rYrwmVcBNUfvoaZcUgAFytU9Wz44NMRLti5NN1Imd1Dd/pssfgfycT
|
||||
3SFI1y5FB6yP+MSh3maVWJJ3keo3Y3H0o552grmjcPyYHvCHeBwfT7OXvoAXzpMa
|
||||
/gdjqKh/IReOBqTv/se/jbfrDx1g9EbJEL27rIycvihBlsV1DbK2HMoYMD9sAKFe
|
||||
dOGW1tEpDSO5XkQT8O1oq1R3vJgGQTSVd/qtinXV/p2zJZAy0EUngP1s4GsRoBME
|
||||
J9bsftECgYEA3UpL1lgWP7jQTv7vHgz1sWtoWyL1kKs5A+tKhY52k5ufwaZQbWc5
|
||||
JQZXIQXlvc1dYPPXaogs1zUA4EdluCjI64TGbWyr2u4rMrJ6+3UuvWHrrWy5sX/Y
|
||||
xWeyjVnOct2SsR9B+Gevnyab2Eruz3fXhm9U88Jrxl9L2l12gEWL5dUCgYEAxe0J
|
||||
k19Tv3XGYVsQ5PFnLPj8O6vkz/DZo24xlsqeegRc2KUc/fJtpD/SiuW7rW/8m+Vt
|
||||
n+smN+j+eI04dEayLGu2xBQd0DZ0d/s5l2jQhuX1tpei6agSbYNUtgQZ3ocNzHBH
|
||||
IYMvCaQuFF7y6Epz7yn4fSc70iNCS5x9RqU37y0CgYAPoHOCi23myhJLwcz4/klL
|
||||
Yh5YcTuOH8lC8Zatn8XX3qGFd00urJ9oce4tMtFqedoiQpXvu/YOrHuHWwNf4eFu
|
||||
YE3y5D2ulCsQxXHR2BCY5xVRheAHHNQd/JirSrA9hFAbme16sTfBsWRH/eKnW/so
|
||||
TyxcmloqBAjDPt5jaIXckQKBgDtKNoQfGkdQUIz5aqYqam3eaDC33WMtEwUSDWjO
|
||||
aYrDo8yCKZ0o8g8xzzAsgXwC//jzUVOGbXxyH0idhTvPsa/81FMIc6XbqigG6cmh
|
||||
bFX8rQ51fifgYSTNIqMjt1whuNB1EdnIIl8Q/3y6tKlBJFmQiQ90oUbhqQpdZmmz
|
||||
NH5BAoGBAIeJybJsxVoekesYv05+m/7mq5H3IOLYYe4cX+d6yl9DjzTeG135Habo
|
||||
vQMuDkRbr3iQnJt4B9lAvsP02jUEeZY48tuCAUyHzXrWDBnG4osxh/tV0pY37OEs
|
||||
qt54cnFUq0oAgMhsZkhpKroQqSZSux90/4d9UrbtRNYcl2kiAjsX
|
||||
-----END RSA PRIVATE KEY-----
|
||||
dhparam: |
|
||||
-----BEGIN DH PARAMETERS-----
|
||||
|
@ -86,4 +96,3 @@ configs:
|
|||
j44cnTAdWbn6EDrPOiJkm/uPv67a8jBWNGZwkWi8H6jIt05HPMivYvtyHucFhORT
|
||||
Jh3t5tPNIJw5JBev4SAfaObVtm30tFSvOwIBAg==
|
||||
-----END DH PARAMETERS-----
|
||||
|
||||
|
|
|
@ -5,7 +5,8 @@
|
|||
"usages": [
|
||||
"signing",
|
||||
"key encipherment",
|
||||
"server auth"
|
||||
"server auth",
|
||||
"client auth"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue