CodeQL Release Docker Image codecov
Lightweight self-signed certificate generator, size between 1.5MB (executable) and 5MB (docker image).
Generate self-hosted or development certificates through simple configuration.
Create self-signed certificates supporting *.lab.com and *.data.lab.com domains with just "One Click":
docker run --rm -it -v `pwd`/ssl:/ssl soulteary/certs-maker:v3.6.1 "--CERT_DNS=lab.com,*.lab.com,*.data.lab.com" # OR use environment: # docker run --rm -it -v `pwd`/ssl:/ssl -e "CERT_DNS=lab.com,*.lab.com,*.data.lab.com" soulteary/certs-maker:v3.6.1
The generated certificates will be stored in the ssl directory within the execution directory:
ssl ├── lab.com.conf ├── lab.com.der.crt ├── lab.com.der.key ├── lab.com.pem.crt └── lab.com.pem.key
You can use PEM or DER format certificates according to your preference.
For those who prefer file-based configuration, you can use a docker-compose.yml file like this:
version: '2' services: certs-maker: image: soulteary/certs-maker:v3.6.1 environment: - CERT_DNS=lab.com,*.lab.com,*.data.lab.com volumes: - ./ssl:/ssl
Then, run the following command:
docker-compose up # OR # docker compose up
To make the certificate more Kubernetes-friendly, add the FOR_K8S parameter:
docker run --rm -it -v `pwd`/ssl:/ssl soulteary/certs-maker:v3.6.1 "--CERT_DNS=lab.com,*.lab.com,*.data.lab.com --FOR_K8S=ON" # OR # docker run --rm -it -v `pwd`/ssl:/ssl -e "CERT_DNS=lab.com,*.lab.com,*.data.lab.com" -e "FOR_K8S=ON" soulteary/certs-maker:v3.6.1
Here's a K8s-friendly docker-compose.yml file:
version: '2' services: certs-maker: image: soulteary/certs-maker:v3.6.1 environment: - CERT_DNS=lab.com,*.lab.com,*.data.lab.com - FOR_K8S=ON volumes: - ./ssl:/ssl
To enhance compatibility with Firefox, include the FOR_FIREFOX parameter:
docker run --rm -it -v `pwd`/ssl:/ssl soulteary/certs-maker:v3.6.1 "--CERT_DNS=lab.com,*.lab.com,*.data.lab.com --FOR_FIREFOX=ON" # OR # docker run --rm -it -v `pwd`/ssl:/ssl -e "CERT_DNS=lab.com,*.lab.com,*.data.lab.com" -e "FOR_FIREFOX=ON" soulteary/certs-maker:v3.6.1
And here's a Firefox-friendly docker-compose.yml file:
version: '2' services: certs-maker: image: soulteary/certs-maker:v3.6.1 environment: - CERT_DNS=lab.com,*.lab.com,*.data.lab.com - FOR_FIREFOX=ON volumes: - ./ssl:/ssl
For more granular control over certificate details, such as issuing country, province, street, and organization name, refer to the following section on manually adding parameters.
Customize your generated certificate by setting environment variables or using Docker CLI arguments.
Using environment variables:
| Parameter | Name | Use in environment variables |
|---|---|---|
| Country Name | CERT_C | CERT_C=CN |
| State Or Province Name | CERT_ST | CERT_ST=BJ |
| Locality Name | CERT_L | CERT_L=HD |
| Organization Name | CERT_O | CERT_O=Lab |
| Organizational Unit Name | CERT_OU | CERT_OU=Dev |
| Common Name | CERT_CN | CERT_CN=Hello World |
| Domains | CERT_DNS | CERT_DNS=lab.com,*.lab.com,*.data.lab.com |
| Issue for K8s | FOR_K8S | FOR_K8S=ON |
| Issue for Firefox | FOR_FIREFOX | FOR_FIREFOX=ON |
| File Owner User | USER | USER=ubuntu |
| File Owner UID | UID | UID=1234 |
| File Owner GID | GID | GID=2345 |
| Custom certs output dir | DIR | DIR=./ssl |
| Custom certs filename | CUSTOM_FILE_NAME | CUSTOM_FILE_NAME=filename |
| Expire Days | EXPIRE_DAYS | EXPIRE_DAYS=3650 |
Using program CLI arguments:
| Parameter | Name | Use in CLI arguments |
|---|---|---|
| Country Name | CERT_C | --CERT_C=CN |
| State Or Province Name | CERT_ST | --CERT_ST=BJ |
| Locality Name | CERT_L | --CERT_L=HD |
| Organization Name | CERT_O | --CERT_O=Lab |
| Organizational Unit Name | CERT_OU | --CERT_OU=Dev |
| Common Name | CERT_CN | --CERT_CN=Hello World |
| Domains | CERT_DNS | --CERT_DNS=lab.com,*.lab.com,*.data.lab.com |
| Issue for K8s | FOR_K8S | --FOR_K8S=ON |
| Issue for Firefox | FOR_FIREFOX | --FOR_FIREFOX=ON |
| File Owner User | USER | --USER=ubuntu |
| File Owner UID | UID | --UID=1234 |
| File Owner GID | GID | --GID=2345 |
| Custom certs output dir | DIR | --DIR=./ssl |
| Custom certs filename | CUSTOM_FILE_NAME | --CUSTOM_FILE_NAME=filename |
| Expire Days | EXPIRE_DAYS | --EXPIRE_DAYS=3650 |