Table of Contents
Advertisement
Self-Signed Private Certificates
If you wish to create your own self-signed encryption key and certificate, a free
utility – openssl.exe – is available for download over the web at
www.openssl.org. To create your private key and certificate do the following:
1. Go to the directory where you downloaded and extracted openssl.exe to.
2. Run openssl.exe with the following parameters:
openssl req -new -newkey rsa:1024 -days 3653 -nodes -x509
-keyout CA.key
Note: 1. The command should be entered all on one line (i.e., do not press
[Enter] until all the parameters have been keyed in).
2. If there are spaces in the input, surround the entry in quotes (e.g.,
"ATEN International").
To avoid having to input information during key generation the following
additional parameters can be used:
/C /ST /L /O /OU /CN /emailAddress.
Examples
openssl req -new -newkey rsa:1024 -days 3653 -nodes -x509
-keyout CA.key
/C=yourcountry/ST=yourstateorprovince/L=yourlocationor
city/O=yourorganiztion/OU=yourorganizationalunit/
CN=yourcommonname/emailAddress=name@yourcompany.com
openssl req -new -newkey rsa:1024 -days 3653 -nodes -x509
-keyout CA.key
/C=CA/ST=BC/L=Richmond/O="ATEN International"/OU=ATEN
/CN=ATEN/emailAddress=eservice@aten.com.tw
Importing the Files
After the openssl.exe program completes, two files – CA.key (the private key)
and CA.cer (the self-signed SSL certificate) – are created in the directory that
you ran the program from. These are the files that you upload in the Private
Certificate panel of the Security page (see Security, page 162, and Private
Certificate, page 170).
-out CA.cer -config openssl.cnf
-out CA.cer -config openssl.cnf -subj
-out CA.cer -config openssl.cnf -subj
Appendix
263
Advertisement
Table of Contents
