Skip to content

Gateway Certs Generator Opensource Repository: gateway-certs-generator is OpenVPN TLS certificate configuration generator for slice gateways.


Notifications You must be signed in to change notification settings


Certificate Generator for Slice Gateway

The gateway-certs-generator is an opinionated single-file OpenVPN TLS certificate configuration generator for slice gateways. It enhances easy-rsa (typically bundled with OpenVPN).

easy-rsa is a CLI tool/utility to build and manage a PKI CA. use the CLI tool easy-rsa. Using the tool, create a root certificate authority, and request and sign certificates including intermediate CAs and certificate revocation lists (CRL).

Get Started

It is strongly recommended that you use a released version.

Refer to our documentation on:

Build and Deploy Certificate Generator on a Kind Cluster

To generate certificates, the controller requires the 'gateway-cert-generator' image. So, we create the image and use the image version in the controller values file.


Before you begin, make sure the following prerequisites are met:

Set up Your Helm Repo

If you have not added avesha helm repo yet, add it.

helm repo add avesha

Upgrade the avesha helm repo.

helm repo update

Build Your Docker Image

To download the latest docker image for gateway-certs-generator, click here.

  1. Clone the latest version of gateway-certs-generator from the master branch.

    git clone /~
    cd gateway-certs-generator
  2. Modify the image name variable IMG in the Makefile to change the docker tag to be built. The default image is set as IMG ?= aveshasystems/gateway-certs-generator:latest. Modify as needed.

    make docker-build

Run Local Image on Kind Cluster

  1. Load the gateway-certs-generator image into your kind cluster (kind). If needed, replace aveshasystems/gateway-certs-generator with your locally built image name in the previous step.
  • Note: If you use a named cluster, specify the name of the cluster you wish to load the images into. See loading an image into your kind cluster.

    kind load docker-image aveshasystems/gateway-certs-generator --name cluster-name


    kind load docker-image aveshasystems/kubeslice-controller --name kind
  1. Check the loaded image in the cluster. Modify the node name if required.
  • Note: kind-control-plane is the name of the Docker container. Modify as needed.

    docker exec -it kind-control-plane critical images

Deploy the Certificate Generator on a Cluster

  1. Create the chart values file called yourvaluesfile.yaml. Refer to values.yaml to update the kubeslice-controller image to the local build image.

From the sample:

      image: aveshasystems/gateway-certs-generator
      tag: 0.1.0

Change it to:

      image: <my-custom-image> 
      tag: <unique-tag>
  1. Deploy the updated chart.

    make chart-deploy VALUESFILE=yourvaluesfile.yaml

Uninstall the KubeSlice Controller

For more information, see uninstalling KubeSlice.

make chart-undeploy


Apache License 2.0


Gateway Certs Generator Opensource Repository: gateway-certs-generator is OpenVPN TLS certificate configuration generator for slice gateways.




Code of conduct

Security policy





No packages published