Jump to: navigation, search

OpenSSL Certificates

Use OpenSSL certificates if you intend to run any applications that might require secure connections on UNIX. However, if you intend to run all of your applications on Windows, Genesys strongly recommends that you use Windows Certificate Services to generate certificates.

Supported Certificate and Key File Formats

  • X.509
  • PKCS#8
  • DER (.cer)
  • PEM (.pem, .cer)
  • PKCS#7
  • PKCS#12

Java/PSDK-based Applications

If you are going to be installing certificates for Java/PSDK-based applications on UNIX, such as Universal Contact Server (UCS), you will have to convert the private-key files generated by OpenSSL to a format compatible with those applications. The conversion must be done after they are generated but before they are installed, as given in the procedure below (see step 3).

Pre-requisites

The scripts that are used to generate certificates require the OpenSSL toolkit, which you can obtain from the OpenSSL Project website.

You can also obtain build binaries of OpenSSL tools for the Windows operating system from here.

Generation and Installation

To create and install certificates using OpenSSL, complete the following steps:

1. Set up a Certification Authority (CA). [+] Show steps
2. Generate certificates as required. [+] Show steps
3. If you are installing certificates on any Java-based PSDK applications, such as Universal Contact Server, convert the private key file to PKCS #8 format. Use the following command:
openssl pkcs8 -topk8 -nocrypt -in <serial_#>_<host_name>_priv_key.pem -out <serial_#>_<host_name>_priv_key_NEW.pem

The converted file <serial_#>_<host_name>_priv_key_NEW.pem will be compatible with Java-based PSDK applications.

4. Install the certificates. [+] Show steps
This page was last modified on April 21, 2016, at 13:09.

Feedback

Comment on this article:

blog comments powered by Disqus