62 lines
1.6 KiB
Markdown
62 lines
1.6 KiB
Markdown
# skz-pki - PKI management with OpenSSL
|
|
|
|
Samuel 'sk4nz' AUBERTIN - 2019
|
|
|
|
Version 0.0.1
|
|
|
|
## Features
|
|
|
|
Fully idempotent PKI.
|
|
|
|
Every configuration knob is located in ```src/pki.mk```
|
|
|
|
## HOWTO
|
|
|
|
### Create the PKI
|
|
|
|
Edit ```USERS``` and ```SERVERS``` in the _Makefile_, then run ```make```, but
|
|
you can also explicity declare ```USERS``` and ```SERVERS``` with the environment
|
|
variables :
|
|
|
|
```make USERS="kafka@sk4.nz orwell@sk4.nz" SERVERS="trebuchet.sk4.nz"```
|
|
|
|
### Revocation
|
|
|
|
Revocation works one certificate at a time using the ```TO_REVOKE``` environment
|
|
variable.
|
|
|
|
```make revoke TO_REVOKE=kafka@sk4.nz```
|
|
|
|
### Invocation from another Makefile
|
|
|
|
```
|
|
PKI_PATH = skz-pki
|
|
MY_SERVERS = trebuchet.sk4.nz
|
|
MY_USERS = kafka@sk4.nz orwell@sk4.nz
|
|
|
|
$(PKI_PATH):
|
|
@cd $@ && $(MAKE) SERVERS="$(MY_SERVERS)" USERS="$(MY_USERS)"
|
|
```
|
|
|
|
### Delete PKI
|
|
|
|
```make clean```
|
|
|
|
## License
|
|
|
|
```
|
|
Copyright (c) 2019 Samuel 'sk4nz' AUBERTIN <samuel DOT aubertin@gmail DOT com>
|
|
|
|
Permission to use, copy, modify, and distribute this software for any
|
|
purpose with or without fee is hereby granted, provided that the above
|
|
copyright notice and this permission notice appear in all copies.
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
```
|