Use the openssl tool to convert the CRT to a PEM format, which is readable by Reporter. Subject=/C=US/ST=California/L=Berkeley/O=BlueCoat/OU=IT/CN=/emī) You must enter the pass phrase for the server.key that you entered in the step 1 above.Ĭ) The server.crt generates in Blue Coat Reporter 9\utilities\ssl and you need to use this CRT to convert it to PEM format, which can be readable by Reporter. Openssl> x509 -req -days 365 -in server.csr -signkey server.key -sha256 -out server.crt This example uses a self-signed certificate method by using the openssl tool to generate a temporary certificate that generates an error in the client browser to the effect that the signing certificate authority is unknown and not trusted.Ī) To generate a temporary certificate, which is good for 365 days, issue the following command: Or you can use self-sign the CSR if you either do not plan to have your certificate signed by a CA or you want to just test it only while the CA is signing your certificate. Step 3: Generating a Self-Signed CertificateĪs mentioned above, you must send the CSR to Certificate Authority, such as Verisign, that verifies the identity of the requestor and issues a signed certificate. Please enter the following 'extra' attributesĬ) The server.csr generates in Blue Coat Reporter 9\utilities\ssl and you can use this CSR to submit to CA to issue a signed certificate. Organizational Unit Name (eg, section) :For example: ITĬommon Name (eg, your name or your server's hostname) :For example: Įmail Address :For example: Organization Name (eg, company) : For example: BlueCoat Locality Name (eg, city) : For example: Berkeley State or Province Name (full name) : For example: California Openssl> req -new -key server.key -sha256 -out server.csrī) This command prompts for the following X.509 attributes of the certificate.Įnter appropriate information based on the environment for example:Ĭountry Name (2 letter code) : For example: US or CA. csrĪ) Enter the following command at the prompt: The command to generate the CSR is as follows: These are the X.509 attributes of the certificate.īlue Coat recommends SHA-2 for Certificates. The second option is to self-sign the CSR (Step 3 uses this for demonstration).ĭuring the generation of the CSR, you are prompted for several pieces of information. The CSR is sent to a Certificate Authority, such as Verisign, that verifies the identity of the requestor and issues a signed certificate. Step 2: Generate a CSR (Certificate Signing Request)Īfter the private key is generated, you can generate a Certificate Signing Request. Generating RSA private key, 1024 bit long modulusĬ) The server.key generates in Blue Coat Reporter 9\utilities\ssl this is required later in the procedure. Loading 'screen' into random state - done Openssl >genrsa -des3 -out server.key 2048ī) After pressing Enter, you are asked to enter a pass phrase for the server.key. Openssl >genrsa -des3 -out server.key 1024 If it uses encrypted key, openssl asks for pass phrase.Ī) Double-click the openssl tool under Blue Coat Reporter 9\utilities\ssl and enter the following command: The key length 1024 is not long enough the recommended length is 2048. Blue Coat does not recommend non-encrypted key. This key is a 1024-bit or 2048 RSA key with encrypted. The first step is to create your RSA Private Key. It can also be used to generate self-signed certificates that can be used for testing purposes or internal usage (more details in Step 3). Use the openssl toolkit, which is available in Blue Coat Reporter 9\utilities\ssl, to generate an RSA Private Key and CSR (Certificate Signing Request). In Windows with Reporter installed, the OpenSSL utility is located in " Program Files\Blue Coat Reporter 9\utilities\ssl" You can use the Reporter OpenSSL utility to generate a Private Key, Certificate Siging Request (CSR) and Self-Signed Certificate.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |