Procedure
1. Create an OpenSSL configuration file.
For example:
[ req ]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = dnsserver10927.company.com
DNS.2 = dnsserver10938.company.com
DNS.3 = dnsserver10955.company.com
The alt_names section defines the Subject Alternative Names list and must contain
FQDNs of all nodes in the cluster.
2. Run the following command:
openssl req -out <CSR_request_file>.csr -newkey rsa:2048 -nodes –keyout
<CSR_key_file>.key -config <configuration_file>
In this command:
• <CSR_request_file>.csr specifies a CSR file name.
• <CSR_key_file>.key specifies a file containing a private key that is used to add the
signed certificate to the system.
• <configuration_file> specifies the OpenSSL configuration file that was created in
the previous step.
For example:
openssl req -out createCSR.csr -newkey rsa:2048 -nodes –keyout keyCSR.key -config
configCSR.config
Signing identity certificates for Avaya Aura
®
Web Gateway
using third-party CA certificates
About this task
You can use the following procedure to sign identity certificates for Avaya Aura
®
Web Gateway
using third-party CA certificates.
Note:
In the following procedure, the third-party CA certificate can be a public CA or an internal
private CA.
Certificate configuration using the configuration utility
October 2018 Deploying the Avaya Aura
®
Web Gateway 152
Comments on this document? infodev@avaya.com
To Next Page
Loading...
