Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

For production systems you will need to get SSL certificates from a Certificate Authority. For test systems, creating a self-signed SSL certificate and keys using OpenSSL is quite easy.

You will need to have OpenSSL installed.

Create a public/private key file pair:

 Windows:

  1. Create a new directory on the drive Iguana is installed and give it an appropriate name (i.e., Test).

  2. Open a Command Prompt window and go to the new directory. For example

    cd Test

  3. Type the path of the OpenSSL install directory, followed by the RSA key algorithm. For example:

    c:openssl\bin\openssl genrsa -out privkey.pem 4096

You will see the key being generated: 

Loading 'screen' into random state - done
Generating RSA private key, 4096 bit long modulus
.................................+++
...........................................+++
e is 65537 (0x10001)

  1. Run the following command to split the generated file into separate private and public key files

    c:openssl\bin\openssl rsa -in privkey.pem -out pubkey.pem -pubout -outform PEM
 Linux or Mac OS X:

  1. Use the ssh-keygen utility which is included as part of most POSIX systems.

  2. Create a new directory and give it an appropriate name (i.e., Test).

  3. Open a Command Prompt window and go to the new directory. For example:

    cd Test

  4. Use the rsa option to create a public private key pair (using your email as a comment):

    ssh-keygen -t rsa -b 4096 -C "your_email@example.com" -m PEM

Create a certificate file:

 Windows / Linux / macOs:

  1. Open a command prompt window and go to the directory you created earlier for the public/private key file. For example:

cd Test

  1. Enter the path of the OpenSSL install directory, followed by the self-signed certificate algorithm. For example:

c:openssl\bin\openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

  1. Follow the instructions that appear in the screen. For example:

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CA
State or Province Name (full name) [Some-State]:Ontario
Locality Name (eg, city) []:Toronto
Organization Name (eg, company) [Internet Widgits Pty Ltd]:iNTERFACEWARE
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:

  • No labels