Signing the AE Services server CSR

Last Updated: Apr 07, 2021

About this task

You can sign the AE Services server CSR on the server where you created the CA certificate. The signed certificate is saved in the myserver.crt file. To sign the CSR, you need the password for your CA private key.

Before you begin

Save the CSR to a file named myserver.req in the /certificate directory on the server where the CA certificate was created.

Procedure

  1. From the Linux® Operating System CLI, run the cd command to change to the certificate home directory.

    For example, you can run:

    cd /certificates

  2. To create a serial number for the certificate, run the following command:

    tr -cd 0-9 < /dev/urandom | head -c 10 > ./CA/serial

  3. To sign the CSR, run the following command:

    openssl ca -config <openssl.cnf> -days <number of days> -out <certificate file> -infiles <CSR file>

    For example, you can run:

    openssl ca -config openssl.cnf -days 730 -out myserver.crt -infiles myserver.req

    You can change the expiration date of the public certificate by editing the -days option. By default, the signed public certificate expires in 2 years.

  4. When prompted, enter the CA root key password.
  5. When OpenSSL prompts you to confirm the operation, enter Y and press Enter.
  6. To view the contents of the newly signed public server certificate, run the following command:

    openssl x509 -in <server certificate file> -text -noout

    For example, you can run:

    openssl x509 -in ./myserver.crt -text -noout
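
Reading the text dump in step 6 does not by itself confirm that the certificate was issued by the intended CA or for the intended request. The script below is an added example, not part of the original procedure: it checks that the certificate verifies against the CA certificate, that its public key matches the CSR, and that it does not expire within 30 days. The function names check_signed_cert and make_demo_pki, the minimal openssl.cnf, the unencrypted demo CA key, and the host name aes.example.test are assumptions constructed for the demonstration.

```bash
# Added example. The CA, keys, config, and host name are throwaway demo values.

# check_signed_cert CA_CERT CSR CERT: prints OK and returns 0 only if all checks pass.
check_signed_cert() {
  ca=$1; csr=$2; crt=$3
  # 1. The certificate verifies against the CA certificate that should have signed it.
  openssl verify -CAfile "$ca" "$crt" >/dev/null 2>&1 || { echo "chain: FAIL"; return 1; }
  # 2. The certified public key is the one in the CSR (catches a mixed-up request file).
  want=$(openssl req -in "$csr" -noout -pubkey 2>/dev/null)
  got=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null)
  { [ -n "$want" ] && [ "$want" = "$got" ]; } || { echo "pubkey: FAIL"; return 1; }
  # 3. The certificate is still valid 30 days (2592000 seconds) from now.
  openssl x509 -in "$crt" -noout -checkend 2592000 >/dev/null || { echo "expiry: FAIL"; return 1; }
  echo "OK"
}

# make_demo_pki DIR: builds a throwaway CA and a CSR, then signs it as in steps 2 and 3.
make_demo_pki() {
  d=$1
  mkdir -p "$d/CA/newcerts" && : > "$d/CA/index.txt" || return 1
  cat > "$d/openssl.cnf" <<EOF
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
[ v3_ca ]
basicConstraints = critical,CA:TRUE
[ ca ]
default_ca = demo_ca
[ demo_ca ]
database = $d/CA/index.txt
new_certs_dir = $d/CA/newcerts
serial = $d/CA/serial
certificate = $d/CA/cacert.pem
private_key = $d/CA/cakey.pem
default_md = sha256
policy = policy_any
[ policy_any ]
commonName = supplied
EOF
  openssl req -x509 -config "$d/openssl.cnf" -newkey rsa:2048 -nodes -days 3650 \
    -subj "/CN=Demo CA" -keyout "$d/CA/cakey.pem" -out "$d/CA/cacert.pem" 2>/dev/null || return 1
  openssl req -config "$d/openssl.cnf" -newkey rsa:2048 -nodes -subj "/CN=aes.example.test" \
    -keyout "$d/myserver.key" -out "$d/myserver.req" 2>/dev/null || return 1
  LC_ALL=C tr -cd 0-9 < /dev/urandom | head -c 10 > "$d/CA/serial"
  # -batch skips the prompts from steps 4 and 5; the demo CA key has no password.
  openssl ca -batch -config "$d/openssl.cnf" -days 730 \
    -out "$d/myserver.crt" -infiles "$d/myserver.req" 2>/dev/null
}
```

With the files from this procedure, the call is `check_signed_cert <CA certificate file> myserver.req myserver.crt`; the page does not name the CA certificate file, so that argument is a placeholder.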

Next Steps

Import your server certificate to AE Services and import the trusted CA certificate to AE Services and the browser trust store.