$ openssl x509 -in ap_keys/ap-inventory-id.pem -text -noout # Optional - Show the content of the client certificate See the contents of following scripts and use them as a baseline: If you need to generate more server and/or client certificates, then read on. If all you need is a single server certificate and a single client certificate, then you may stop here. Note: You will not be able to use the client certificate to run a server. MQTT Server certificates are to be used by the mqtt server, they have its hostname encoded.Ĭlient certificates are to be used by the APs and AP simulators.
![digicert openssl tool digicert openssl tool](https://nakedsecurity.sophos.com/wp-content/uploads/sites/2/2020/07/dc-key-640.png)
Server certificates are to be used by all the services in the cloud.
#Digicert openssl tool password#
Mqttserverkey_dec.pem <- MQTT Server private key, unprotectedĬlientcert.pem <- Client public certificateĬlientkey.pem <- Client private key, unprotectedĬlient.pkcs12 <- Client private key and public certificate in pkcs12 format, protected by passwordĬlient_keystore.jks <- Client private key and public certificate in jks format, protected by password Mqttserverkey.pem <- MQTT Server private key, protected by the pass-phrase Mqttservercert.pem <- MQTT Server public certificate Server_keystore.jks <- Server private key and public certificate in jks format, protected by password Server.pkcs12 <- Server private key and public certificate in pkcs12 format, protected by password Serverkey_dec.pem <- Server private key, unprotected Serverkey.pem <- Server private key, protected by the pass-phrase Servercert.pem <- Server public certificate Truststore.jks <- CA public certificate in jks format TestCA/cacert.pem <- CA public certificate