TLS ScriptsView SourceRelease Notes
This service contains scripts that simplify the process of creating and managing TLS certificates, JVM key stores and trust stores, and RDS CA certificates.
Bash scripts that simplify working with TLS certificates. You will typically only need these scripts to configure end-to-end encryption in your Reference Architecture.
- Simplify creating self-signed TLS certificates
- Encrypt TLS certificates using KMS
- Upload TLS certificates to AWS for use with ELBs
- Download CA public keys for validating RDS TLS connections
- Simplify creating key stores and trust stores to manage TLS certificates for JVM apps
- Run from a Docker container so you don’t need to install any dependencies locally
- How does TLS/SSL work?
- What are commercial or public Certificate Authorities?
- How does Gruntwork generate a TLS cert for private services?
About the scripts specifically
- How does create-tls-cert work?
- How does download-rds-ca-certs work?
- How does generate-trust-stores work?
- How do I run these scripts using Docker?
- How do I create self-signed TLS certs?
- Should I store certs in AWS Secrets Manager or Amazon Certificate Manager?
- Generating self-signed certs for local dev and testing
- Generating self-signed certs for prod, encrypting certs locally with KMS
- Generating self-signed certs for prod, using AWS Secrets Manager for storage
- Generating self-signed certs for prod, using Amazon Certificate Manager for storage
- How do I download CA public keys for validating RDS TLS connections?
- How do I generate key stores and trust stores to manage TLS certificates for JVM apps?