From a40888d343a9b1f4ad0b96885f50ccf70e8f8496 Mon Sep 17 00:00:00 2001
From: Konstantin Lebedev <9497591+kmlebedev@users.noreply.github.com>
Date: Mon, 25 Sep 2023 18:47:38 +0500
Subject: [PATCH] fix: make dev_tls with volume https (#4866)
---
 docker/Makefile | 12 ++++++------
 docker/compose/tls.env | 4 ++++
 2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/docker/Makefile b/docker/Makefile
index b473245e8..89a896f77 100644
--- a/docker/Makefile
+++ b/docker/Makefile
@@ -102,12 +102,12 @@ clean:
 rm ./weed
 certstrap:
- go get github.com/square/certstrap
- certstrap --depot-path compose/tls init --passphrase "" --common-name "SeaweedFS CA" || true
- certstrap --depot-path compose/tls request-cert --passphrase "" --common-name volume01.dev || true
- certstrap --depot-path compose/tls request-cert --passphrase "" --common-name master01.dev || true
- certstrap --depot-path compose/tls request-cert --passphrase "" --common-name filer01.dev || true
- certstrap --depot-path compose/tls request-cert --passphrase "" --common-name client01.dev || true
+ go install -v github.com/square/certstrap@latest
+ certstrap --depot-path compose/tls init --curve P-256 --passphrase "" --common-name "SeaweedFS CA" || true
+ certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --domain localhost --common-name volume01.dev || true
+ certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --common-name master01.dev || true
+ certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --common-name filer01.dev || true
+ certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --common-name client01.dev || true
 certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" volume01.dev || true
 certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" master01.dev || true
 certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" filer01.dev || true
diff --git a/docker/compose/tls.env b/docker/compose/tls.env
index 3a52fce52..d80a3abbd 100644
--- a/docker/compose/tls.env
+++ b/docker/compose/tls.env
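Review bot: `go install -v github.com/square/certstrap@latest` in the `certstrap` target is unpinned, so the tool that creates the CA and every service key is whatever upstream published most recently; a breaking or tampered release flows straight into certificate generation. Pin it to a reviewed release, e.g. `go install -v github.com/square/certstrap@<pinned-version>`. The rewritten `init` and `request-cert` lines also keep `--passphrase ""` and `|| true`, so keys are written unencrypted under `compose/tls` and a failed step is silently ignored before the `sign` steps run; a comment such as `# dev-only: unencrypted keys, never reuse outside the local compose setup` would make that intent explicit. Only `volume01.dev` gets `--domain localhost`, so presumably its SAN list covers `localhost` alone; confirm that is the only name HTTPS clients use to reach the volume server. The target's recipe continues past the end of the hunk.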
@@ -12,5 +12,9 @@ WEED_GRPC_MASTER_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,clie
 WEED_GRPC_VOLUME_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,client01.dev"
 WEED_GRPC_FILER_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,client01.dev"
 WEED_GRPC_CLIENT_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,client01.dev"
+WEED_HTTPS_CLIENT_ENABLE=true
+WEED_HTTPS_VOLUME_CERT=/etc/seaweedfs/tls/volume01.dev.crt
+WEED_HTTPS_VOLUME_KEY=/etc/seaweedfs/tls/volume01.dev.key
+WEED_HTTPS_VOLUME_CA=/etc/seaweedfs/tls/SeaweedFS_CA.crt
 #GRPC_GO_LOG_SEVERITY_LEVEL=info
 #GRPC_GO_LOG_VERBOSITY_LEVEL=2
\ No newline at end of file
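Review bot: The added `WEED_HTTPS_*` lines give the volume server a certificate, key and CA, but the client side gets only `WEED_HTTPS_CLIENT_ENABLE=true`, so this hunk does not show which trust root HTTPS clients use to verify the volume certificate. Confirm that they validate against `SeaweedFS_CA.crt` rather than skipping verification. If setting `WEED_HTTPS_VOLUME_CA` makes the volume server require client certificates (presumably, not shown here), clients started from this env file would also need a certificate and key. `WEED_HTTPS_VOLUME_KEY` points at a key the Makefile generates with `--passphrase ""`, so a comment above the block such as `# dev-only TLS material from 'make certstrap'; do not reuse outside local compose` would help.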