Create PKCS#12 file with self-signed certificate via OpenSSL in Windows

1.GenerateanRSAprivatekey: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e g e n r s a o u t < K e y F i l e n a m e > < K e y S i z e > Where: < K e y F i l e n a m e > isthedesiredfilenamefortheprivatekeyfile < K e y S i z e > isthedesiredkeylengthofeither1024,2048,or4096 Forexample,type: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e g e n r s a o u t m y _ k e y . k e y 2 0 4 8 . 2.GenerateaCertificateSigningRequest: Inversion0.9.8handlater: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e r e q n e w k e y < K e y F i l e n a m e > o u t < R e q u e s t F i l e n a m e > c o n f i g C : \ O p e n s s l \ b i n \ o p e n s s l . c f g Where: < K e y F i l e n a m e > istheinputfilenameofthepreviouslygeneratedprivatekey < R e q u e s t F i l e n a m e > istheoutputfilenameofthecertificatesigningrequest Forexample,type: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e r e q n e w k e y m y _ k e y . k e y o u t m y _ r e q u e s t . c s r c o n f i g C : \ O p e n s s l \ b i n \ o p e n s s l . c n f 3.Followtheonscreenpromptsfortherequiredcertificaterequestinformation. 4.Generateaselfsignedpubliccertificatebasedontherequest: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e x 5 0 9 r e q d a y s 3 6 5 0 i n < R e q u e s t F i l e n a m e > s i g n k e y < K e y F i l e n a m e > o u t < C e r t i f i c a t e F i l e n a m e > Where: < R e q u e s t F i l e n a m e > istheinputfilenameofthecertificatesigningrequest

< K e y F i l e n a m e > istheinputfilenameofthepreviouslygeneratedprivatekey < C e r t i f i c a t e F i l e n a m e > istheoutputfilenameofthepubliccertificate Forexample,type: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e x 5 0 9 r e q d a y s 3 6 5 0 i n m y _ r e q u e s t . c s r s i g n k e y m y _ k e y . k e y o u t m y _ c e r t . c r t 5.GenerateaPKCS#12file: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e p k c s 1 2 k e y p b e P B E S H A 1 3 D E S c e r t p b e P B E S H A 1 3 D E S e x p o r t i n < P u b l i c C e r t i f i c a t e F i l e n a m e > i n k e y < P r i v a t e K e y F i l e n a m e > o u t < P K C S # 1 2 F i l e n a m e > n a m e " < D i s p l a y N a m e > " Where: < P u b l i c C e r t i f i c a t e F i l e n a m e > istheinputfilenameofthepubliccertificate,inPEM format < P r i v a t e K e y F i l e n a m e > istheinputfilenameoftheprivatekey < P K C S # 1 2 F i l e n a m e > istheoutputfilenameofthepkcs#12formatfile < D i s p l a y N a m e > isthedesirednamethatwillsometimesbedisplayedinuserinterfaces. Forexample,type: > C : \ O p e n s s l \ b i n \ o p e n s s l . e x e p k c s 1 2 k e y p b e P B E S H A 1 3 D E S c e r t p b e P B E S H A 1 3 D E S e x p o r t i n m y _ c e r t . c r t i n k e y m y _ k e y . k e y o u t m y _ p k c s 1 2 . p f x n a m e " m y n a m e " 6.(Optional)Deleteunneededfiles. Atthispoint,youonlyneedthePKCS#12formatfile,soyoucandeletethecertificatesigning request(. c s r )file,theprivatekey(. k e y )file,andthepubliccertificate(. c r t )file. TheresultingPKCS#12formatfilemaynowbeusedwithinSecureFTPServerFIPS.