A lightweight script to manage a private Certificate Authority (CA) and issue client certificates for mTLS.
- Build the image:
podman build -t my-ca .
- Create a data directory:
mkdir ./my-ca-data
podman run --rm -v ./my-ca-data:/data my-ca init "CA NAME"
Generates a .p12 file (AES-256 encrypted) for a user.
- Usage:
new-client <name> <UUID> [password] - Default Password:
changeit
podman run --rm -v ./my-ca-data:/data my-ca new-client \
"MyPhone" \
"000d10000-abcd-dcba-abcd-00000d100000" \
"PASSWORD"