Add command to generate test keys/certs (#204)
Add `generate-keys` command, which can be used to generate TLS keys/certs, and, more usefully, matrix signing keys.
This commit is contained in:
Richard van der Hoff
Mark Haines
parent
fc51f72bf9
commit
8c2e6273e3
3 changed files with 73 additions and 15 deletions
11
INSTALL.md
11
INSTALL.md
|
|
@ -71,21 +71,14 @@ Dendrite requires a postgres database engine, version 9.5 or later.
|
|||
|
||||
### Crypto key generation
|
||||
|
||||
Generate the keys (unlike synapse, dendrite doesn't autogen yet):
|
||||
Generate the keys:
|
||||
|
||||
```bash
|
||||
# Generate a self-signed SSL cert for federation:
|
||||
test -f server.key || openssl req -x509 -newkey rsa:4096 -keyout server.key -out server.crt -days 3650 -nodes -subj /CN=localhost
|
||||
|
||||
# generate ed25519 signing key
|
||||
test -f matrix_key.pem || python3 > matrix_key.pem <<EOF
|
||||
import base64;
|
||||
r = lambda n: base64.b64encode(open("/dev/urandom", "rb").read(n)).decode("utf8");
|
||||
print("-----BEGIN MATRIX PRIVATE KEY-----")
|
||||
print("Key-ID:", "ed25519:" + r(3).rstrip("="))
|
||||
print(r(32))
|
||||
print("-----END MATRIX PRIVATE KEY-----")
|
||||
EOF
|
||||
test -f matrix_key.pem || ./bin/generate-keys -private-key matrix_key.pem
|
||||
```
|
||||
|
||||
### Configuration
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue