README.md

python-mtls-e2e-sample

Updates

TODO

• Demonstrate cross-signed certs

Use

Monkeying with certs

Make the stuff:

make realclean && make -j4 verbose=y validate

Inspect certs:

make show

Clean up:

make realclean

Testing mTLS

Using a python server and client

Make PKI:

make

Start a server:

./server.py

... then start a client:

./client.py

Using openssl

Make PKI:

make

openssl s_client -CAfile ./root-ca-cert.pem -cert ./client-cert.pem -key ./client-key.pem -cert_chain ./client-certchain.pem -connect myserver.cluster.local:8443 -pass file:passphrase.txt

... or also functional ...

openssl s_client -CAfile ./root-ca-cert.pem -cert ./client-certchain.pem -key ./client-key.pem -cert_chain ./client-certchain.pem -connect myserver.cluster.local:8443 -pass file:passphrase.txt