3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 08:50:42 +02:00
Code Issues Projects Releases Packages Wiki Activity

docs: fix generation of the public key (#2864) (#2865)

Browse source 
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>

Co-authored-by: Sylvain Rabot <sylvain@abstraction.fr>
This commit is contained in:
backport-actions-token[bot] 2021-12-29 09:06:27 -06:00 committed by GitHub
parent f8efdd75e1
commit 6c7fdc2dfc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
docs/docs/topics/getting-users-identity.md
View file

@ -72,9 +72,8 @@ Though you will very likely be verifying signed-headers programmatically in your
1. Provide pomerium with a base64 encoded Elliptic Curve ([NIST P-256] aka [secp256r1] aka prime256v1) Private Key. In production, you'd likely want to get these from your KMS.
```bash
# see ./scripts/generate_self_signed_signing_key.sh
openssl ecparam -genkey -name prime256v1 -noout -out ec_private.pem
openssl req -x509 -new -key ec_private.pem -days 1000000 -out ec_public.pem -subj "/CN=unused"
openssl ecparam -genkey -name prime256v1 -noout -out ec_private.pem
openssl ec -in ec_private.pem -pubout -out ec_public.pem
# careful! this will output your private key in terminal
cat ec_private.pem | base64
```