Generating public-private key pairs

A cryptographic key pair is a set of two cryptographic keys (one public and one private) that is used to start an SSL session. Before requesting a certificate from the CA, you must use this procedure to generate a cryptographic key pair and assign that key pair to the new certificate.

To generate public-private key pairs for a certificate:

1. In the sslcmd menu, select option 1 Generate key to generate a public-private key pair.
2. At the Enter Identity prompt, enter an alias ID that identifies the public-private key pair.

   The following default alias names are specified in the UNIX .plc file or the Microsoft Windows Registry:

   Locations of alias IDs for public-private key pairs

   For communication from	Location
   Control-M/Server to Control-M/Agent	NSDN is specified in the ns.plc file.
   Control-M/Server to Control-M/EM	CODN is specified in the co.plc file.
   Control-M/Server Configuration Agent to Con\-trol-M Configuration Server	CADN is specified in the ca.plc file.
   Control-M/Agent to Control-M/Server	AGDN is specified in the ag.plc file.
   Control-M/EM to Control-M/Server	CODN is specified in the gtw.plc file.
   Control-M/EM to Control-M Configuration Agent	CADN is specified in the cmsg.plc file.

3. At the Enter keypair type prompt, press Enter (or any key except D) to specify the RSA.
4. Enter the key length in bits (512 or 1024).

   If the key pair is generated successfully, the following message is displayed:

   Command Generate key successful

5. In the sslcmd menu, select option 5 List keys to verify that the key pair is displayed.

   For each public-private key pair, the utility lists the alias assigned to the certificate that uses that key pair.