% SPLINTER-CERT-GENERATE(1) Cargill, Incorporated | Splinter Commands
NAME
splinter-cert-generate — Generates test certificates and keys for running splinterd with TLS (in insecure mode)
SYNOPSIS
| splinter cert generate [FLAGS] [OPTIONS]
DESCRIPTION
Running Splinter in TLS mode requires valid X.509 certificates from a certificate authority. When developing against Splinter, you can use this command to generate development certificates and the associated keys for your development environment.
The files are generated in the location specified by --cert-dir
, the
SPLINTER_CERT_DIR
environment variable, or in the default location
/etc/splinter/certs/
. Note: The default location could be different if the
SPLINTER_HOME
environment variable is set; see the splinterd(1)
man page
for more information.
The following files are created: client.crt
, client.key
, server.crt
,
server.key
, rest_api.crt
, rest_api.key
, generated_ca.pem
, and
generated_ca.key
.
FLAGS
--force
- Overwrites files if they exist. If this flag is not provided and the file exists, an error is returned.
-
-h
,--help
- Prints help information
-
-q
,--quiet
- Decreases verbosity (the opposite of -v). When specified, only errors or warnings will be output.
--skip
- Checks if the files exists and generates the files that are missing. If this flag is not provided and the file exists, an error is returned.
-
-V
,--version
- Prints version information
-v
- Increases verbosity (the opposite of -q). Specify multiple times for more output.
OPTIONS
-
-d
,--cert-dir CERT-DIR
- Specifies the path to the directory to contain the certificates and associated
key files. (Default:
/etc/splinter/certs/
, unlessSPLINTER_CERT_DIR
orSPLINTER_HOME
is set). This directory must exist. --common-name COMMON-NAME
- Alias for
--server-common-name
. Deprecated. --rest-api-common-name COMMON-NAME
- Specifies a common name for the generated REST API certificate. (Default:
localhost
.) Use this option if thesplinterd
URL uses a DNS address instead of a numerical IP address. --server-common-name COMMON-NAME
- Specifies a common name for the generated server certificate. (Default:
localhost
.) Use this option if thesplinterd
URL uses a DNS address instead of a numerical IP address.
EXAMPLES
To generate test certificates and keys:
$ splinter cert generate
To create missing certificates and keys when some files already exist, add the
--skip
flag. The command will ignore the existing files and create any files
that are missing.
$ splinter cert generate --skip
To recreate the certificates and keys from scratch, use the --force
flag to
overwrite all existing files.
$ splinter cert generate --force
ENVIRONMENT VARIABLES
- SPLINTER_CERT_DIR
-
Specifies the directory containing certificates and associated key files (see
--cert-dir
). - SPLINTER_HOME
-
Changes the base directory path for the Splinter directories, including the certificate directory. (See the
splinterd(1)
man page for more information.) This value is not used ifSPLINTER_CERT_DIR
is set.
SEE ALSO
| splinterd(1)
|
| Splinter documentation: https://www.splinter.dev/docs/0.7/