Self-Signed Certificates with OpenSSL (10.x)

Security Gateway Articles and How to's
Posts: 6
Joined: 03 Sep 2010, 08:16
Location: Clavister HQ - Örnsköldsvik

Self-Signed Certificates with OpenSSL (10.x)

Post by Siby » 22 Oct 2010, 13:17

This How-to applies to:
  • Clavister Security Gateway 8.x, 9.x and 10.x
  • Creating self-signed certificates with OpenSSL

1. Generate a Private Key
  • The OpenSSL software runs from a command prompt. So start with opening a command prompt.

    Navigate to the directory that you want your files to be stored in.

    x:\openssl genrsa -des3 -out certificate.key 2048

    This will generate a .key file containing a RSA private key.
2. Generate a Certificate Signing Request
  • I:\>openssl req -new -key certificate.key -out certificate.csr

    Instructions on how to enter the values into the .csr file will appear on the screen.
3. Removing the pass phrase from the key (If this is not performed CorePlus will not accept the key since the file is password protected)
  • Start by making a copy of the key file.
    x:\cp certificate.key

    Then remove the password.
    x:\openssl rsa -in -out certificate.key
4. Generate the actual certificate.
  • x:\openssl x509 -req -days 365 -in certificate.csr -signkey certificate.key -out certificate.crt
That is it, this self-signed certificate will work with CorePlus but remember that you will have to create one for "GW-1" and another for "GW-2".

Posts: 41
Joined: 24 Oct 2016, 08:23

Re: Self-Signed Certificates with OpenSSL (10.x)

Post by mape » 13 Dec 2016, 13:35

Also works with cOS Core 11.x.