ma-agents 2.7.0 → 2.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -19,7 +19,20 @@ Automate the creation of Root CAs and self-signed certificates for internal serv
|
|
|
19
19
|
- Ensure the certificate Common Name (CN) matches the intended hostname.
|
|
20
20
|
|
|
21
21
|
## Usage
|
|
22
|
-
|
|
22
|
+
The skill provide both Bash (Linux/macOS) and PowerShell (Windows) scripts.
|
|
23
|
+
|
|
24
|
+
### Linux / macOS
|
|
25
|
+
Run `scripts/generate-cert.sh` with:
|
|
23
26
|
- `TYPE`: `root` or `cert`
|
|
24
27
|
- `NAME`: Base name for the files
|
|
25
28
|
- `DNS`: Primary domain/IP
|
|
29
|
+
|
|
30
|
+
Example: `bash scripts/generate-cert.sh cert my-service localhost`
|
|
31
|
+
|
|
32
|
+
### Windows (PowerShell)
|
|
33
|
+
Run `scripts/generate-cert.ps1` with:
|
|
34
|
+
- `-Type`: `root` or `cert`
|
|
35
|
+
- `-Name`: Base name
|
|
36
|
+
- `-Dns`: Primary domain/IP
|
|
37
|
+
|
|
38
|
+
Example: `.\scripts\generate-cert.ps1 -Type cert -Name my-service -Dns localhost`
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
param (
|
|
2
|
+
[Parameter(Mandatory=$true)]
|
|
3
|
+
[ValidateSet("root", "cert")]
|
|
4
|
+
[string]$Type,
|
|
5
|
+
|
|
6
|
+
[string]$Name = "server",
|
|
7
|
+
|
|
8
|
+
[string]$Dns = "localhost",
|
|
9
|
+
|
|
10
|
+
[string]$CaKey,
|
|
11
|
+
|
|
12
|
+
[string]$CaCert
|
|
13
|
+
)
|
|
14
|
+
|
|
15
|
+
$ErrorActionPreference = "Stop"
|
|
16
|
+
|
|
17
|
+
if ($Type -eq "root") {
|
|
18
|
+
Write-Host "Generating Root CA..." -ForegroundColor Cyan
|
|
19
|
+
openssl genrsa -out "${Name}_rootCA.key" 4096
|
|
20
|
+
openssl req -x509 -new -nodes -key "${Name}_rootCA.key" -sha256 -days 3650 -out "${Name}_rootCA.crt" `
|
|
21
|
+
-subj "/CN=${Name}-Root-CA/O=MA-Agents/C=US"
|
|
22
|
+
Write-Host "Root CA created: ${Name}_rootCA.crt" -ForegroundColor Green
|
|
23
|
+
|
|
24
|
+
} elseif ($Type -eq "cert") {
|
|
25
|
+
if (-not $CaKey -or -not $CaCert) {
|
|
26
|
+
Write-Host "Generating standalone self-signed certificate..." -ForegroundColor Cyan
|
|
27
|
+
openssl req -x509 -newnodes -days 365 -newkey rsa:2048 `
|
|
28
|
+
-keyout "${Name}.key" -out "${Name}.crt" `
|
|
29
|
+
-subj "/CN=${Dns}/O=MA-Agents" `
|
|
30
|
+
-addext "subjectAltName = DNS:${Dns}"
|
|
31
|
+
} else {
|
|
32
|
+
Write-Host "Generating certificate signed by CA..." -ForegroundColor Cyan
|
|
33
|
+
openssl genrsa -out "${Name}.key" 2048
|
|
34
|
+
openssl req -new -key "${Name}.key" -out "${Name}.csr" -subj "/CN=${Dns}/O=MA-Agents"
|
|
35
|
+
|
|
36
|
+
# Extension file for SAN
|
|
37
|
+
"subjectAltName = DNS:${Dns}" | Out-File -FilePath "${Name}.ext" -Encoding ascii
|
|
38
|
+
|
|
39
|
+
openssl x509 -req -in "${Name}.csr" -CA "$CaCert" -CAkey "$CaKey" -CAcreateserial `
|
|
40
|
+
-out "${Name}.crt" -days 365 -sha256 -extfile "${Name}.ext"
|
|
41
|
+
|
|
42
|
+
Remove-Item "${Name}.csr", "${Name}.ext" -ErrorAction SilentlyContinue
|
|
43
|
+
}
|
|
44
|
+
Write-Host "Certificate created: ${Name}.crt" -ForegroundColor Green
|
|
45
|
+
}
|