How to Create SSL Certificates
Description:
This document describes how to create SSL certificates for NewsRoom 5 Server
Applies To:
Audience:
Create a folder called Demo on C:\
Here are the manual commands in the C:|demo folder / start Command Prompt as Admin
The following SSL Certificate creation process is outlined in the URL below:
https://blog.didierstevens.com/2015/03/30/howto-make-your-own-cert-with-openssl-on-windows/
Download OpenSSL
http://slproweb.com/products/Win32OpenSSL.html
use version - Win64 OpenSSL v1.0.2u
Before you start OpenSSL, you need to set 2 environment variables:
set RANDFILE=c:\demo\.rnd
set OPENSSL_CONF=C:\OpenSSL-Win64\bin\openssl.cfg
Start OpenSSL, type:
c:\OpenSSL-Win64\bin\openssl.exe
Generate a 4096-bit long RSA key for our root CA and store it in file ca.key:
genrsa -out ca.key 4096
Create our self-signed root CA certificate ca.crt; you?ll need to provide an identity for your root CA:
req -new -x509 -days 1826 -key ca.key -out ca.crt
Create our subordinate CA that will be used for the actual signing. First, generate the key:
genrsa -out ia.key 4096
Request a certificate for this subordinate CA:
req -new -key ia.key -out ia.csr
The Common Name you enter here is different from the Common Name you entered previously for the root CA. If they are the same, you will get an error later on when creating the pkcs12 file. Continued on next page...
Process the request for the subordinate CA certificate and get it signed by the root CA.
x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt
In the Demo folder , create a new text file called TrustBundle.txt
Paste the ca 1st , then the ia below it , save . Rename to TrustBundle.pem
Open SSL port in Windows & Router Firewalls
Confirm Mobile License is added to station
Open Port 4430 ( default)
Configure Mobile Options in NFSAdmin
The ca comes first in the Trustbundle.pem file
Then paste in the IA file
Replace 32 with 64 in Openssl statements
In NR5 Admin / Connections page
CertCal file is the Trustbundle.pem
Certificate file= ia.crt
Private Key=ia.key
Be sure to import the Trustbundle on the 2nd tab labeled Certificates
Contact
This email address is being protected from spambots. You need JavaScript enabled to view it.
for more information.