Open Source RDBMS - Seamless, Scalable, Stable and Free

한국어 | Login |Register

How to update OpenSSL key and crt files


OpenSSL private key and certificated files are used for https connection between client and CUBRID server. If you want to improve its security, you can generate them by yourself as following steps.

 

Prerequisites

Download and install  CUBRID  with the reference version. Note, OpenSSL was started from RB-8.4.3.

 

Generate and install OpenSSL files

Step 1. Go to directory where the openSSL files are stored.

cd $CUBRID/conf

Step 2. Backup the OpenSSL files.

mv  cm_ssl_cert.key cm_ssl_cert.key_bak

mv  cm_ssl_cert.crt cm_ssl_cert.crt_bak

 

Note: OpenSSL private key and certificated files was named differently in different CUBRID versions.

·cm_httpd.key/cm_httpd.crt is named in RB-8.4.3/RB-8.4.4/RB-9.1.0

·cm_ext.key/cm_ext.crt is named in RB-9.2.0

·cm_ssl_cert.key/cm_ssl_cert.crt is named in RB-8.4.5/RB-9.3.0/RB-10.0.0

 

Step 3. Generate OpenSSL private key.(No password needed.)

openssl genrsa -des3 -out cm_ssl_cert.key 2048

 

Input temp password: 123456

Remove the temp password

openssl rsa -in server.key -out cm_ssl_cert.key

Input temp password: 123456

 

Step 4. Generate certificated file.

openssl req -new -x509 -key cm_ssl_cert.key -out cm_ssl_cert.crt -days 365

Note: -days is meaning effective time. You can change it as your requirement.

 

comments powered by Disqus
Page info
viewed 1068 times
translations en
Author
posted 6 months ago by
bodo_qiao
Contributors
updated 6 months ago by
View revisions
tagged
Share this article