Instruction for creating self signed certificates for IBM Cloud Management Platform

Tools needed for creating certificates

openssl

Steps to generate certificates

To generate a self-signed SSL certificate using the OpenSSL, complete the following steps:

1) Write down the Common Name (CN) for your SSL Certificate. The CN is the fully qualified name for the system that uses the certificate. If you are using Dynamic DNS, your CN should have a wild-card, for example: *.api.com. Otherwise, use the hostname or IP address set in your Gateway Cluster (for example. 192.16.183.131 or dp1.acme.com).

2) Run the following OpenSSL command to generate your private key and public certificate. Answer the questions and enter the Common Name when prompted.

 ```
 openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
 ```

3) Review the created certificate:

 ```
 openssl x509 -text -noout -in certificate.pem
 ```

4) Move key.pem to grav.key:

 ```
 mv key.pem grav.key
 ```

5) Move certificate.pem to grav.crt:

 ```
 mv certificate.pem grav.crt
 ```

Refer to the following link to learn how to create a self-signed certificate: Generate self signed certificate using OpenSSL