Question:
How can I create a self-signed certificate for use with the Node.js Validation service?
Answer:
To create a self-signed certificate for our Node.js Validation service, this can be done through PowerShell using the following instructions.
1. The first step is to install Chocolately using PowerShell.
Open Powershell via "Run As Administrator"
NOTE: Chocolatey, is a command line package manager, which helps to facilitate the deployment of software on a machine with the help of PowerShell.
More information can be found at their site. Chocolatey Software | What is Chocolatey?
2. To start the install of Chocolately, run the following command first to ensure that Get-ExecutionPolicy is not restricted.
Get-ExecutionPolicy
If it returns Restricted, then run the following,
Set-ExecutionPolicy AllSigned or Set-ExecutionPolicy Bypass –Scope Process
3. With that done, run the following command,
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
4. With Chocolately installed, now we'll install OpenSSL. Run the following command,
Choco install OpenSSL.Light
This will now install OpenSSL.Light onto the system.
5. Next is to set up a working directory where the certificates will be stored.
Run the following command to set a working directory.
New-Item –ItemType Directory –Path C:\Certs (This path can be anything.)
6. Create an OpenSSL configuration file by using the following command,
Invoke-WebRequest 'http://web.mit.edu/crypto/openssl.cnf' -OutFile C:\Certs\openssl.cnf
7. Finally, generate the Self Signed Certificate using OpenSSL by using the following command,
openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out C:\Certs\cert.pem -days 365 -subj "/CN=localhost"
KBA is applicable for both Cloud and On-premise Organizations.