Open Source RDBMS - Seamless, Scalable, Stable and Free

한국어 | Login |Register

How to update OpenSSL key and crt files

OpenSSL private key and certificated files are used for https connection between client and CUBRID server. If you want to improve its security, you can generate them by yourself as following steps.



Download and install  CUBRID  with the reference version. Note, OpenSSL was started from RB-8.4.3.


Generate and install OpenSSL files

Step 1. Go to directory where the openSSL files are stored.

cd $CUBRID/conf

Step 2. Backup the OpenSSL files.

mv  cm_ssl_cert.key cm_ssl_cert.key_bak

mv  cm_ssl_cert.crt cm_ssl_cert.crt_bak


Note: OpenSSL private key and certificated files was named differently in different CUBRID versions.

·cm_httpd.key/cm_httpd.crt is named in RB-8.4.3/RB-8.4.4/RB-9.1.0

·cm_ext.key/cm_ext.crt is named in RB-9.2.0

·cm_ssl_cert.key/cm_ssl_cert.crt is named in RB-8.4.5/RB-9.3.0/RB-10.0.0


Step 3. Generate OpenSSL private key.

openssl genrsa -des3 -out cm_ssl_cert.key 2048

Input temp password: 123456


Step 4. Remove password in the private key.

openssl rsa -in cm_ssl_cert.key -out cm_ssl_cert.key

Input temp password: 123456


Step 5. Generate certificated file.

openssl req -new -x509 -key cm_ssl_cert.key -out cm_ssl_cert.crt -days 365

Note: -days is meaning effective time. You can change it as your requirement.

comments powered by Disqus
Page info
viewed 6574 times
translations en
posted 3 years ago by
updated 2 years ago by
View revisions
Share this article