How to create a certificate?

This guide uses OpenSSL, run from the OpenSSL Command Prompt, which can be found here.

  • For Windows, make sure you run the prompt with elevated privileges (Run as Administrator)

Here are the commands to create a .crt file to be used for authenticating against the VaultN API.

openssl req -new -newkey rsa:2048 -passout pass:password -nodes -out sample.csr -keyout sample.key

openssl x509 -req -days 365 -in sample.csr -signkey sample.key -out sample.crt

openssl pkcs12 -export -in sample.crt -inkey sample.key -out sample.pfx

  • The first command should prompt for several short inputs, the last of which is an e-mail address. If you cannot reach that prompt, it could mean there are issues, possibly with privileges.
  • The commands create 4 files in your working folder (.crt, .csr, .key and .pfx). The .crt file is the one to be uploaded to VaultN via the UI.
  • Upload the .crt file in the VaultN UI.
    • VaultN -> Settings -> Certificates -> + Add Certificate
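
The three commands above, run without prompts and followed by the checks worth making before the .crt is uploaded (an added example, not VaultN's own tooling). The function names, the subject /CN=vaultn-api-client and the export password are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not VaultN code. create_cert, check_cert, the subject and the
# export password are assumed names/values chosen for illustration.

# create_cert BASE DAYS SUBJECT PFX_PASS: writes BASE.key, .csr, .crt and .pfx
create_cert() (
    base=$1; days=$2; subj=$3; pfx_pass=$4
    umask 077  # -nodes leaves the private key unencrypted: keep it owner-only
    # -subj supplies the answers the first command otherwise prompts for
    openssl req -new -newkey rsa:2048 -nodes -subj "$subj" \
        -out "$base.csr" -keyout "$base.key" 2>/dev/null || exit 1
    openssl x509 -req -days "$days" -in "$base.csr" -signkey "$base.key" \
        -out "$base.crt" 2>/dev/null || exit 1
    # -passout here sets the .pfx export password instead of prompting for it
    openssl pkcs12 -export -in "$base.crt" -inkey "$base.key" \
        -out "$base.pfx" -passout "pass:$pfx_pass"
)

# check_cert BASE PFX_PASS: exit status 0 only if the files belong together
check_cert() (
    base=$1; pfx_pass=$2
    # 1. The certificate and the private key must carry the same public key.
    crt_pub=$(openssl x509 -in "$base.crt" -noout -pubkey) || exit 1
    key_pub=$(openssl pkey -in "$base.key" -pubout) || exit 1
    [ "$crt_pub" = "$key_pub" ] || { echo "key does not match $base.crt" >&2; exit 1; }
    # 2. The certificate must not already be expired.
    openssl x509 -in "$base.crt" -noout -checkend 0 >/dev/null || exit 1
    # 3. The .pfx must open with the password and hold this same certificate.
    crt_fp=$(openssl x509 -in "$base.crt" -noout -fingerprint -sha256) || exit 1
    pfx_fp=$(openssl pkcs12 -in "$base.pfx" -passin "pass:$pfx_pass" -nokeys 2>/dev/null |
             openssl x509 -noout -fingerprint -sha256) || exit 1
    [ "$crt_fp" = "$pfx_fp" ] || { echo "$base.pfx holds another certificate" >&2; exit 1; }
)

# Constructed sample run in a scratch directory.
workdir=$(mktemp -d)
create_cert "$workdir/sample" 365 "/CN=vaultn-api-client" "constructed-export-pass" &&
    check_cert "$workdir/sample" "constructed-export-pass" &&
    echo "$workdir/sample.crt is consistent with its key and .pfx"
```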

Additional Notes

  • The -passout parameter in the first command defines the password that you will be asked for in the second command and during the token creation later.
  • The -days parameter in the second command defines the validity period of the certificate and may be adjusted as you see fit.
  • When re-uploading to VaultN, the .crt filename should be different from those of the existing certificates. The upload may fail without any notice if the filenames are the same.