Use OpenSSL certificates if you intend to run any applications that might require secure connections on UNIX. However, if you intend to run all of your applications on Windows, Genesys strongly recommends that you use Windows Certificate Services to generate certificates.
Supported Certificate and Key File Formats
- DER (.cer)
- PEM (.pem, .cer)
If you are going to be installing certificates for Java/PSDK-based applications on UNIX, such as Universal Contact Server (UCS), you will have to convert the private-key files generated by OpenSSL to a format compatible with those applications. The conversion must be done after they are generated but before they are installed, as given in the procedure below (see step 3).
The scripts that are used to generate certificates require the OpenSSL toolkit, which you can obtain from the OpenSSL Project website.
You can also obtain build binaries of OpenSSL tools for the Windows operating system from here.
Generation and Installation
To create and install certificates using OpenSSL, complete the following steps:
|1. Set up a Certification Authority (CA). [+] Show steps|
|2. Generate certificates as required. [+] Show steps|
| 3. If you are installing certificates on any Java-based PSDK applications, such as Universal Contact Server, convert the private key file to PKCS #8 format. Use the following command:
The converted file <serial_#>_<host_name>_priv_key_NEW.pem will be compatible with Java-based PSDK applications.
|4. Install the certificates. [+] Show steps|