The ctmkeytool script creates the private key file and the certificate signing request file, using the configuration file csr_params.cfg located in <Product Home Directory>/data/SSL/config directory. Verify that the user running the script has the correct permissions to create and update the directories.
The csr_params.cfg file is a standard openssl configuration file. If you have any requirements from the certificate, you can include them in this file.
Before running the script, edit the csr_params.cfg file and update the values of all its fields in the [dn] section. The CN field must contain the FQDN of the Control-M component.
The script usage is, as follows:
<ctmkeytool location>/ctmkeytool -create_csr -password <private key password>
This command creates the private key file and the certificate signing request file:
The default name for the generated private key file consists of the CN field in the configuration file, and the timestamp of the file generation. The suffix of the private key file is .pem. The file is located in one of the following locations:
The default name of the generated certificate signing request file consists of the CN field in the configuration file, and the timestamp of the file generation. The suffix of the certificate signing request file is .csr. The file is located in one of the following locations:
You can specify a different configuration file name using the -conf_file flag.
EXAMPLE:<ctmkeytool location>/ctmkeytool -create_csr -password <private key password> -conf_file <Product Home Directory>/config_files/csr_config_file.cfg
To specify a different name for the created private key file and certificate signing request file, use the -out flag.
EXAMPLE: <ctmkeytool location>/ctmkeytool -create_csr -password <private key password> -out <filename>
The provided name is used for both the pem file and the csr file.
Parent Topic |