Generating self-signed certificates
Self-signed certificates are used for creating certificate files that you can install in the Windows™ Certificate Store.
If you only plan to use the public and private key pair, skip this section and go to Configuring the IBM RPA Vault instead.
If you want to use a certificate as your System Vault's private key, see the Procedure and make sure to fulfill the requirements described in Before you begin.
Before you begin
- See Planning for using the IBM RPA Vault to ensure that you need to create a self-signed certificate.
- See Generating a private and public key pair before proceeding.
Procedure
-
On the OpenSSL command prompt, type:
req -x509 -sha256 -newkey rsa:2048 -keyout keyname.key -out certificatename.crt -days 365Where
keyname.keyis the generated key file andcertificatename.crtis the generated certificate file. This command creates a 2048 bits RSA key, following the X.509 standard with a SHA256 hash valid for 365 days.You must add a password to protect the key file.
-
The application then asks for specific information regarding the Certificate Authority signing the certificate:
-
Provide the required information, and press enter to finish.
What to do next
After you generate a self-signed certificate, you must generate a PKCS#12 file to install it in the Certificate Store. See the following links to proceed: