Key Generation

From Roaring Penguin
Jump to: navigation, search

How do I regenerate the private key from the appliance?

Run:

  openssl genrsa -out <hostname>.key 2048

That will create a file called "<hostname>.key" with your private key in it.

Next, you create a certificate signing request:

  openssl req -new -key <hostname>.com.key -out <hostname>.com.csr

You'll be prompted for various pieces of information; answer them. The most important is the "Common Name" which should be whatever host name you have chosen for the CanIt machine.

Once the file "<hostname>.csr" has been created, you submit it to your CA. Eventually you'll get back a certificate bundle. You paste the private key (that sits in the <hostname>.key file) into the private key box and the certificates into the certificate box.