Show TOC

Generating Self-Signed RSA Keys Using OpenSSLLocate this document in the navigation structure

Use the PKCS12 Keystore file in the $STREAMING_HOME/adapters/esp_open/lib/security directory to generate self-signed RSA keys using OpenSSL.

Context

Procedure

  1. Generate CA private key.
    openssl genrsa -rand -des3 -out ca.key 512
  2. Use that key to create the CA certificate.
    openssl req -new -x509 -days 365 -key ca.key -out ca.pem -outform PEM
  3. Export the CA certificate so it can be imported into clientTrustStore.
    openssl x509 -in ca.pem -out caCert.pem -outform PEM -signkey ca.key
  4. Generate the server private key.
    openssl genrsa -rand -des3 -out server.key 512
  5. Create a server certificate.
    openssl req -new -days 365 -key server.key -out server.crs
  6. Sign the server certificate with your CA certificate.
    openssl ca -in server.crs -out signedServerCert.pem -keyfile ca.key -cert caCert.pem
  7. Export the certificate to PKCS#12 format so it can be imported to Queue Manager store.
    openssl pkcs12 -export -in signedServerCert.pem -out pkcs12KeyStore.p12 -inkey server.key -name adaptor