Use the following steps to generate a self-signed SSL certificate using the OpenSSL utility:
- Run the below OpenSSL command to generate your private key and public certificate.
openssl req -newkey rsa:2048 -nodes -keyout domain.key -x509 -days 365 -out domain.cer
You will be prompted to add identifying information about your organization to the certificate. Since a self-signed certificate won’t be used publicly, this information isn’t necessary. If this certificate will be passed on to a certificate authority for signing, the information needs to be as accurate as possible.
- -newkey rsa:2048: Creates a 2048 bit RSA key for use with the certificate.
- -x509: Creates a self-signed certificate.
- -days: Determines the length of time in days that the certificate is being issued for. For a self-signed certificate, this value can be increased as necessary. “365” specifies that the certificate will be valid for 365 days.
- -nodes: Creates a certificate that does not require a passphrase.
Upon completion, the command creates two files: a private key (domain.key), and a public certificate (domain.cer). The key and certificate are valid for 365 days. Back up your certificate and key in a secure place (such as LastPass or 1Password.)
- Share the public certificate with your AS2 trading partner. The public certificate requires proper configuration in your partner’s AS2 software in order to enable the successful transmission of your encrypted messages over AS2.
- Update the certificate and private key on the AS2 connection in integrator.io