Manage Docker Certificates With Easyrsa3

Every now and then I spin up a small CA for a service. I’m doing it for OpenVPN, internal https traffic, even for my sensu instance. As I expected, this technique works just fine with Docker as well. My tool of choice is easyrsa. The tool itself is not rocket science, but it’s well structured, easy to use, and it’s versatile. Let me show you around.


The day ruby 2.0.0 has been released, I wanted to use it. I have built it the day after on my notebook, but it took more than two times as much time to run all the specs for my recent rails project, than with 1.9.3-p327 with falcon-gc. I’m certainly getting the wrong results, don’t I? Sure I do. Yesterday I grabbed my pickaxe, to dig out the root of the problem.

Stop the Octopress

Back to basics, you might think. When I started blogging, I wrote my own engine in PHP. It was a breeze to use, it had modules and styles (called flavours), and blog posts could be written as files. However, it was not a content generator engine, since it picked up these text files on every hit.