Skip to content

Instantly share code, notes, and snippets.

@madsonic
Last active July 9, 2019 03:59
Show Gist options
  • Save madsonic/34069948b951c98f66240a4aeabcdb0f to your computer and use it in GitHub Desktop.
Save madsonic/34069948b951c98f66240a4aeabcdb0f to your computer and use it in GitHub Desktop.
self signed cert
# self-signed certificates only provide cryptographic security to HTTPS request
# they do not verify the identity of the server
sudo openssl req -x509 -nodes -newkey rsa:4096 \
-keyout /etc/ssl/<name>.key \
-out /etc/ssl/<name>.crt \
-days <NUMBER_OF_DAYS>
# from https://docs.influxdata.com/influxdb/v1.7/administration/config/#transport-layer-security-tls-settings
# assume no requirement for backward compabilities
ciphers = [ "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
]
min-version = "tls1.2"
max-version = "tls1.2"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment