Product Documentation

Generating Security Keys and Certificates

Dec 07, 2012

CloudBridge products are shipped without the required keys and certificates for the SSL signaling tunnel. You must generate them yourself. You can generate keys and certificates through your normal process for generating credentials, or with the "openssl" package from http://www.openssl.org.

For testing purposes, you can generate and use a self-signed X509 certificate based on a private key (which you also generate). In production, use certificates that refer to a trusted certifying authority. The following example calls openssl from the command line on a PC to generate a private key (my.key) and self-signed certificate (my.crt):
# Generate a 2048-bit private key 
openssl genrsa -out my.key 2048 
# Now create a Certificate Signing Request 
openssl req -new -key my.key -out my.csr 
# Finally, create a self-signed certificate with a 365-day expiration 
openssl x509 -req -days 365 -in my.csr -signkey my.key -out my.crt

For production use, consult your organization's security policies.