Self-signed private certificates, Examples, Importing the files – ATEN ALTUSCN KH1516I User Manual

Appendix

151

Self-Signed Private Certificates

If you wish to create your own self-signed encryption key and certificate, a free
utility – openssl.exe – is available for download over the web at
www.openssl.org. To create your private key and certificate do the following:

1. Go to the directory where you downloaded and extracted openssl.exe to.

2. Run openssl.exe with the following parameters:

openssl req -new -newkey rsa:1024 -days 3653 -nodes -x509

-keyout CA.key -out CA.cer -config openssl.cnf

Note: 1. The command should be entered all on one line (i.e., do not press

[Enter] until all the parameters have been keyed in).

2. If there are spaces in the input, surround the entry in quotes (e.g.,

“ATEN International”).

To avoid having to input information during key generation the following
additional parameters can be used:

/C /ST /L /O /OU /CN /emailAddress.

Examples

openssl req -new -newkey rsa:1024 -days 3653 -nodes -x509

-keyout CA.key -out CA.cer -config openssl.cnf -subj

/C=yourcountry/ST=yourstateorprovince/L=yourlocationor

city/O=yourorganiztion/OU=yourorganizationalunit/

CN=yourcommonname/[email protected]

openssl req -new -newkey rsa:1024 -days 3653 -nodes -x509

-keyout CA.key -out CA.cer -config openssl.cnf -subj

/C=CA/ST=BC/L=Richmond/O="ATEN International"/OU=ATEN

/CN=ATEN/[email protected]

Importing the Files

After the openssl.exe program completes, two files – CA.key (the private key)
and CA.cer (the self-signed SSL certificate) – are created in the directory that
you ran the program from. These are the files that you upload in the Private
Certificate panel of the Security page (see page 57).