status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-12 14:55:02 +00:00
Code Issues Projects Releases Wiki Activity
consul/website/pages/commands/tls/ca.mdx
Jasmine W a9df6ac50b
docs: update structure (#8506) 
- moved and renamed files/folders based on new structure
- updated docs navigation based on new structure
- moved CLI to top nav (created commands.jsx and commands-navigation.js)
- updated and added redirects
- updating to be consistent with standalone categories
- changing "overview" link in top nav to lead to where intro was moved (docs/intro)
- adding redirects for intro content
- deleting old intro folders
- format all data/navigation files
- deleting old commands folder
- reverting changes to glossary page
- adjust intro navigation for removal of 'vs' paths
- add helm page redirect
- fix more redirects
- add a missing redirect
- fix broken anchor links and formatting mistakes
- deleted duplicate section, added redirect, changed link
- removed duplicate glossary page
2020-09-01 11:14:13 -04:00

43 lines
1.2 KiB
Plaintext
Raw Blame History

---
layout: commands
page_title: 'Commands: TLS CA Create'
sidebar_title: ca
---
# Consul TLS CA Create
Command: `consul tls ca create`
This command create a self signed CA to be used for Consul TLS setup.
## Example
Create CA:
```shell-session
$ consul tls ca create
==> Saved consul-ca.pem
==> Saved consul-ca-key.pem
```
## Usage
Usage: `consul tls ca create [filename-prefix] [options]`
#### TLS CA Create Options
- `-additional-name-constraint=<value>` - Add name constraints for the CA.
Results in rejecting certificates for other DNS than specified. Can be used
multiple times. Only used in combination with `-name-constraint`.
- `-days=<int>` - Provide number of days the CA is valid for from now on, defaults to 5 years.
- `-domain=<string>` - Domain of consul cluster. Only used in combination with
`-name-constraint`. Defaults to `consul`.
- `-name-constraint` - Add name constraints for the CA. Results in rejecting
certificates for other DNS than specified. If turned on localhost and -domain
will be added to the allowed DNS. If the UI is going to be served over HTTPS
its DNS has to be added with `-additional-constraint`. It is not possible to
add that after the fact! Defaults to false.
Reference in New Issue View Git Blame Copy Permalink