Follow this procedure to create a certificate for a C++ application.
About this task
The Campaign
listener implements SSL using the OpenSSL library. The OpenSSL
distribution includes a command-line program called
openssl that can create a certificate
file. For complete details on using this program, consult the
OpenSSL documentation or access the help by entering
-help when you run the
program.
Use the following procedure to create a self-signed
certificate that you can use when configuring a C++ HCL®
EMM component
for SSL.
Procedure
-
Run openssl at the command line.
This program and its associated configuration file,
openssl.cnf, are included
in the bin directory of the
Campaign installation. It is also available with the
OpenSSL distribution.
-
Generate a key. The following example command creates a key
named key.pem.
-
Generate a request.
The following example command creates a request named
request.pem.
req
-new -key key.pem -out
request.pem
The tool asks you a
series of questions. If you enter a period
(.) the field is left
blank. For a self-signed certificate, you must at
least enter the Common Name.
If you are using
the openssl tool from the
Campaign/bin directory, add
the -config parameter with a
value that points to the
openssl.cnf file in the
same directory. For example:
req
-config openssl.cnf -new -key key.pem -out
request.pem
-
Generate a certificate.
The following example command creates a certificate named
certificate.pem with an
expiration of 10,000 days from the day it was
created, using the
request.pem and
key.pem
files.
req -x509 -key key.pem -in
request.pem -days 10000 -out
certificate.pem
If you are using
the openssl tool from the
Campaign/bin directory, add
the -config parameter with a
value that points to the openssl.cnf
file in the same directory. For
example:
req -config openssl.cnf
-x509 -key key.pem -in request.pem -days 10000
-out certificate.pem
-
Using a text editor, copy the contents of your key and
certificate into a new file with a
.pem extension.