Bring your own TLS Certification

This is an optional step if you wish to generate TLS sertification yourself.

By default, the certificates will be generated automatically on the first start of DKG tool. The following steps are not required for the correct setup.

However, if you want to generate the certificates yourself, you can follow the steps below.

First of all, if you already started the DKG tool it did generate the certificates for you. If that is the case:

Stop the DKG tool with docker stop ssv-dkg
Check if there is a ssldirectory created in the operator-config
If there is — delete it with sudo rm -r ssl
Proceed with the next steps

Navigate to the operator-config directory and use the following commands to create the key and certificate.

mkdir ssl
cd ssl
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout "tls.key" -out "tls.crt"

After that your ssv-dkg-data should look like that:

ssv@localhost:~/ssv-dkg# tree ssv-dkg-data
ssv-dkg-data
├── encrypted_private_key.json
├── operator.yaml
├── password
└── ssl
    ├── tls.crt
    └── tls.key

2 directories, 5 files

Lastly, you need to specify the path to these files using the serverTLSCertPath and serverTLSCertPath configuration parameters in your operator.yaml config file.

PreviousStart DKG Node NextFinal Steps

Last updated 19 days ago

Was this helpful?