Page History
...
Generate private key in PKCS8 format (server.key) for the Chariot server using the command below.
Code Block language text openssl genrsa -out certs/server/server.key 2048
******* Convert from PKCS8 format to PCKS1 until Chariot supports PKCS8 format CS-612 *********
Code Block language text openssl rsa -in certs/server/server.key -traditional -out certs/server/server.key
Generate a Certificate Signing Request (CSR) for the Chariot server using the command below. This command generates a new CSR named "server.csr’ using the RSA private key "server.key".
Code Block language text openssl req -new -key certs/server/server.key -out certs/server/server.csr
Note There are a number of fields associated with the creation of the certificate. Fill them out with your relevant details where the Common Name must be the Fully Qualified Domain Name (FQDN) of the Chariot server.
Sign the Server CSR with the Server CA using the command below. This command will sign the CSR "server.csr" with the Server CA certificate ‘serverCA.crt’ and RSA private key ‘serverCA.key’, creating a new X.509 certificate named ‘serverCA.crt’ valid for 3650 days (10 years). A "serverCA.srl" file will also be created containing the signed certificate's unique serial number. You will be required to enter the pass phrase associated with the private key file "serverCA.key".
Code Block language text openssl x509 -req -in certs/server/server.csr -CA ca/server/serverCA.crt -CAkey ca/server/serverCA.key -CAcreateserial -out certs/server/server.crt -days 3653650
Anchor GenerateMQTTEngineClientCertificate GenerateMQTTEngineClientCertificate
Generate MQTT Engine Client certificate signed with the Engine CA’s private key
| GenerateMQTTEngineClientCertificate | |
| GenerateMQTTEngineClientCertificate |
...
Overview
Content Tools