Advanced Installation TopicsSelf-Signed Certificate (MakeCert)

Self-Signed Certificate (MakeCert)

Sana Commerce 9.2
Your connector

Create a Self-Signed SSL Certificate

To create a self-signed SSL certificate:

Step 1: Run the Command Prompt as administrator and locate the Windows SDK installation directory. The default location is C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin\.

Step 2: Execute the following command:

makecert -sv SignRoot.pvk -cy authority -r SignRoot.cer -a sha512 -n "CN=Development Authority" -ss my -sr localmachine
 NOTE

-n Specifies the subject's certificate name. You can use any name, specified in double quotes and preceded by CN=

Example: "CN=Sana Software Company"

This command will create the certificate with the *.cer extension. You can find it in the directory of the 'makecert' utility. You will need to import this certificate into Trusted Root Certification Authorities on the Web server where the Sana Commerce web store is installed. This is described in the last article of this chapter.

Step 3: When you are prompted, enter a password. You need this password to create the service certificate.

Step 4: Find out the external server IP address or domain.

Step 5: Execute the following command:

makecert -iv SignRoot.pvk -ic SignRoot.cer -a sha512 -cy end -pe -n CN="0.0.0.0" -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
 NOTE

Before executing the command substitute the subject's certificate name (-n CN=" ") with the external server IP address or domain.
If you create the self-signed certificate to encrypt your ERP Web service with SSL, and your ERP system is hosted on Azure, only the domain can be used.

Step 6: When you are prompted, enter the password that you used before.

Step 7: Check that two certificate files ('SignRoot.pvk' and 'SignRoot.cer') were created in the SDK directory.

Advanced Installation TopicsSelf-Signed Certificate (MakeCert)