Skip to Content Information Center
Markvision Enterprise

Markvision Enterprise

Not your product?

Creating a vault certificate

    Notes:

    • The vault certificate is self‑signed.
    • Replace the key length, signature algorithm, and certificate name with the appropriate values.

  1. Run the following command:

    • openssl genrsa -out /etc/certs/openxpki_ca-one/vault-1.key -passout file:/etc/certs/openxpki_ca-one/pd.pass 4096

  2. Change the subject in the request with your CA information using openssl req -config /etc/certs/openxpki_ca-one/openssl.conf -reqexts v3_datavault_reqexts -new -key /etc/certs/openxpki_ca-one/vault-1.key -subj /DC=COM/DC=LEXMARK/DC=DEV/DC=CA-ONE/DC=STLOPENXPKI_INTERNAL/CN=MYOPENXPKI_DATAVAULT -out /etc/certs/openxpki_ca-one/vault-1.csr.

  3. Run the following command:

    • openssl req -config /etc/certs/openxpki_ca-one/openssl.conf -extensions v3_datavault_extensions -x509 -days 3560 -in /etc/certs/openxpki_ca-one/vault-1.csr -key /etc/certs/openxpki_ca-one/vault-1.key -out /etc/certs/openxpki_ca-one/vault-1.crt
Was this article helpful?


Related content

Top