Question:
How can I create a self-signed certificate for use with the Node.js Validation service?
Answer:
In order to create a self-signed certificate that can be used with our Node.js Validation service, this can be done through PowerShell using the following instructions.
The first step is to install Chocolately using PowerShell.
Open Powershell via "Run As Administrator"
NOTE: Chocolatey, is a command line package manager, which helps to facilitate the deployment of software on a machine with the help of PowerShell.
More information can be found at their site. Chocolatey Software | What is Chocolatey?
To start the install of Chocolately, run the following command first to make sure that Get-ExecutionPolicy is not restricted.
Get-ExecutionPolicy
If it returns Restricted, then run the following,
Set-ExecutionPolicy AllSigned or Set-ExecutionPolicy Bypass –Scope Process
With that done, run the following command,
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
With Chocolately installed, now we'll install OpenSSL. Run the following command,
Choco install OpenSSL.Light
This will now install OpenSSL.Light onto the system.
Next is to setup a working directory where the certificates will be stored.
Run the following command to set a working directory.
New-Item –ItemType Directory –Path C:\Certs (This path can be anything.)
Now we'll create an OpenSSL configuration file by using the following command,
Invoke-WebRequest 'http://web.mit.edu/crypto/openssl.cnf' -OutFile C:\Certs\openssl.cnf
Finally we can generate the Self Signed Certificate using OpenSSL by using the following command,
openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out C:\Certs\cert.pem -days 365 -subj "/CN=localhost"
KBA applicable for both Cloud and On-premise Organizations.