»Consul TLS Cert Create
Command: consul tls cert create
The tls cert create command is used to create certificates for your Consul TLS
setup.
»Examples
Create a certificate for servers:
Create a certificate for clients:
Create a certificate for cli:
»Usage
Usage: consul tls cert create [filename-prefix] [options]
»TLS Cert Create Options
-
-additional-dnsname=<string>- Provide an additional dnsname for Subject Alternative Names. localhost is always included. This flag may be provided multiple times. -
-additional-ipaddress=<string>- Provide an additional ipaddress for Subject Alternative Names.127.0.0.1is always included. This flag may be provided multiple times. -
-ca=<string>- Provide path to the ca. Defaults to#DOMAIN#-agent-ca.pem. -
-cli- Generate cli certificate. -
-client- Generate client certificate. -
-days=<int>- Provide number of days the certificate is valid for from now on. Defaults to 1 year. -
-dc=<string>- Provide the datacenter. Matters only for-servercertificates. Defaults todc1. -
-domain=<string>- Provide the domain. Matters only for-servercertificates. -
-key=<string>- Provide path to the key. Defaults to#DOMAIN#-agent-ca-key.pem. -
-node=<string>- When generating a server cert and this is set an additional dns name is included of the form<node>.server.<datacenter>.<domain>. -
-server- Generate server certificate.