Dell Broadcom NetXtreme Family of Adapters User Manual

Windows Driver and Management Application Installation: Broadcom NetXtreme BCM57XX User Guide

file:///C|/Users/Nalina_N_S/Documents/NetXtreme/English/windrv.htm[9/5/2014 3:32:11 PM]

If this command does not work, try the following:

openssl req –new –key server.key –out server.csr –config openssl.cnf

The openssl.cnf file should be placed in the same directory where openssl is placed. Openssl.cnf is located in the
folder C:\Program Files (x86)\GnuWin32\share.

The following information is requested:

Country Name (2 letter code) []:US
State or Province Name (full name) []: California
Locality Name (e.g., city) []: Irvine
Organization Name (e.g., company) []: Broadcom Corporation
Organizational Unit Name (e.g., section) []: Engineering
Common Name (e.g., YOUR name) []: Enter the host name or IP address of the Windows server. For iPv6, enter
the Common Name in the format [xyxy:xxx:....::xxx], including the brackets [ ].
(Optional) Email Address []:

Enter the following additional attributes to be sent with your certificate request:

A challenge password []:password1
An optional company name []:

4. Remove the passphrase from the key.

Enter the following commands:

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

5. Generate a self-signed certificate:

To generate a self-signed certificate which is active for 365 days, enter the following command:

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

The following output displays:

Signature ok
subject=/C=US/ST=California/L=Irvine/O=Broadcom Corporation/OU=Engineering/CN=MGMTAPP-
LAB3/emailAddress=
Getting Private key

6. Enter the following command to verify the generated self-signed certificate.

openssl verify server.crt

The following output displays:

server.crt:/C=US/ST=California/L=Irvine/O=Broadcom Corporation/OU=Engineering/CN=MGMTAPP-
LAB3/emailAddress=
error 18 at 0 depth lookup:self signed certificate
OK

Ignore the error message "error 18 at 0 depth lookup:self signed certificate". This error indicates that this is a self-
signed certificate.

7. Convert the certificate from "crt" to "pkcs12" format, as follows:

For a Windows server, the certificate should be in pkcs12 format. Enter the following command:

openssl pkcs12 -export -in server.crt -inkey server.key -out hostname.pfx

You will be prompted for the following:

Enter Export Password:
Verifying - Enter Export Password:

Enter the password and be sure to remember it. The password is required when importing the certificate on the
Windows server and client.

8. Make a copy of the certificate file server.crt and place it on the server where BACS will be installed, so that it can be

imported. If you plan to use a Windows client to connect to the server running BACS, then the certificate also needs to
be transferred (copied and pasted) to the client system.