You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Generating a Self-Signed Certificate for the WebSocket Server
Open Command Line Interface:
o Open your command line tool (Terminal on Unix-like systems, Command Prompt or PowerShell on Windows).
Generate a Private Key:
o Run the following command to create a new private key (privateKey.pem):
o openssl genrsa -out privateKey.pem 2048
Create a Self-Signed Certificate:
o openssl req -new -x509 -key privateKey.pem -out certificate.pem -days 365
o Now, generate a self-signed certificate (certificate.pem) using the private key:
o During this process, you'll be prompted to enter details like your country, state, organization name, etc. These details are used to fill out the certificate's subject field. NOTE: In the Common Name field, you MUST enter your hostname (e.g. 127.0.0.1) or you will probably get SSL errors.
Generating a Client Certificate
Generate a Client Private Key:
o Use OpenSSL to generate a private key for the client. Open your command line tool and run:
o openssl genrsa -out clientPrivateKey.pem 2048
Generate a Certificate Signing Request (CSR):
o openssl req -new -key clientPrivateKey.pem -out clientCSR.csr
o Create a CSR using the client's private key. This request will be used to generate the actual certificate. o You'll be prompted to enter details like country, state, and organization. Fill these out as required.
Generate the Client Certificate:
o Now, you need to create a client certificate from the CSR. If you are using a self-signed server certificate, you can sign the client CSR with the server's private key, effectively making the server act as a CA.
o openssl x509 -req -in clientCSR.csr -CA certificate.pem -CAkey privateKey.pem -CAcreateserial -out clientCertificate.pem -days 365
o This command uses your previously created server certificate
(certificate.pem) and private key (privateKey.pem) to sign the client's CSR, creating a client certificate (clientCertificate.pem).
