generate

#!/usr/bin/env ruby

require 'fileutils'
require './lib/cert_util'

ca_dir, passphrase, country, state, locality, commonname = ARGV

unless ca_dir && passphrase
  puts 'USAGE: generate  DIR_PATH  PRIVATE_KEY_PASSPHRASE COUNTRY STATE LOCALITY COMMON_NAME'
  puts 'Example: generate /tmp/certs Pr!vate AU NSW Sydney ashish.io'
  puts ''
  exit 0
end

FileUtils.mkdir_p(ca_dir)

opt = {
    private_key_length: 2048,
    cert_country:  country,
    cert_state:    state,
    cert_locality: locality,
    cert_common_name: commonname,
}
cert, key = Fluent::SecureForward::CertUtil.generate_ca_pair(opt)

key_data = key.export(OpenSSL::Cipher.new('aes256'), passphrase)
File.open(File.join(ca_dir, 'ca_key.pem'), 'w') do |file|
  file.write key_data
end
File.open(File.join(ca_dir, 'ca_cert.pem'), 'w') do |file|
  file.write cert.to_pem
end

puts "successfully generated: ca_key.pem, ca_cert.pem"
puts "copy and use ca_cert.pem to client(out_secure_forward or out_forward (fluentd v1.x))"