Page History
...
- Users can create a Certificate Signing Request (CSR) and ask their Certificate Authority (CA) to sign the CSR and to receive an X.509 Certificate. The Private Key or X.509 Certificate allow to derive the Public Key.
- User can create a selfCA-signed X.509 Certificate, see JS7 - How to create X.509 SSL TLS Certificates.
- Users can create a Private Key and Certificate as explained in the next chapter.
...
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
# navigate to the Agent's <agent-data>\config\private directory Set-Location $env:Programdata\sos-berlin.com\js7\agent\config\private # create Private Key # for use with passphrase add: -passout pass:"secret" openssl ecparam -name secp384r1 -genkey -noout -out agent.key # create Certificate Signing Request openssl req -new -sha512 -nodes -key agent.key -out agent.csr -subj "/C=DE/ST=Berlin/L=Berlin/O=SOS/OU=IT/CN=Agent" # create Certificate $user_crt_tmp_file = New-TemporaryFile "keyUsage=critical,keyAgreement,keyEncipherment" | Out-File $user_crt_tmp_file # for passphrase add: -passin pass:"secret" openssl x509 -req -sha512 -days 1825 -signkey agent.key -in agent.csr -out agent.crt -extfile $user_crt_tmp_file Remove-Item -Path $user_crt_tmp_file -Force |
...
Overview
Content Tools