WSS requires that the browser has a root certificate of authority (CA)
to communicate securely to another (server) process which uses a server
side certificate compatible with the CA. The following is an example on
how to create the certificates using OpenSSL.
Apple's Safari is moving to a 398 day certificate expiration policy
effective September 1, 2020. Any two-year certificates created before
August 31st will still work until their issued expiration date.
OpenSSL Windows Example:
OpenSSLBatchScript.zip->createWindowsCertificate.bat
Ensure
to set the path to the openssl.cnf within the
createWindowsCertificate.bat file before running.
An example can be
found commented in the createWindowsCertificate.bat.
Windows Open SSL binaries:
OpenSSL OSX Example:
OpenSSLBatchScript.zip->createfilesMac.sh
OpenSSL is installed on Mac by default
To merge and simplify the instructions for Windows workstations in both the .bat file and the sbulletsupport topics:
1. Download OpenSSL
The following link should have what you need. You need to select
==>
https://slproweb.com/products/Win32OpenSSL.htmlAssuming you are on a 64-bit machine, the option "Windows64 OpenSSL v3.0.0" in the list, should be what you download (
https://slproweb.com/download/Win64OpenSSL-3_0_0.exe)
2. Once you download, please follow the instructions and install the binaries on your machine.
3.
Once everything is installed, create a new directory at a convenient
place. Copy and paste the following files from following locations into
this newly created directory:
==> From the OpenSSLCreateCertMacWin folder that you downloaded and extracted from sbulletsupport website
- CreateWindowsCertificate.bat
-v3.ext
==> From the C:\Program Files\OpenSSL-Win64\bin (unless you installed the open SSL at a different location)
-openSSL.exe
4.
If you do have an existing configuration file for creating OpenSSL
certificates, pls provide access to that in the .bat file (right click
and edit the .bat file and set the OPENSSLCONFIG= option to point to the
right location)
If you DO NOT HAVE one, the batch file will
create one for you during execution (Command Prompt). You will be prompted to input the necessary information:
Per comments in the .bat file:
==> Common Name (CN) specified in this step should be 127.0.0.1, or the CN must match the wss address used by the app.
Example:
Country Name: US
State: Florida
Locality: Pensacola
Organization: Example Company
Unit Name: EC
Common Name: 127.0.0.1
Email:
support@examplecompany.com==> you can just press enter and skip for "extra" attributes