Orchestrator Package Signing Certificate Creation

https://github.com/vmware/build-tools-for-vmware-aria

Firstly you need to download OpenSSL for Windows from the following URL and add it to your windows path environment variable https://slproweb.com/products/Win32OpenSSL.html

You should add the resultant certificate and private key to a zip file named “archetype.keystore-1.0.0”

Filename: cbt-signing-certificate.cfg

[ req ]
default_bits = 2048
default_keyfile = private_key.pem
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req

[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment, nonRepudiation
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = @alternate_names

[ req_distinguished_name ]
countryName = GB
stateOrProvinceName = County
localityName = TownOrCity
0.organizationName = Cloud Build Tools
organizationalUnitName = Deployment Automation
commonName = cloudbuildtools.com
emailAddress = support@cloudbuildtools.com

[ alternate_names ]
DNS.1 = cloudbuildtools.com

[ req ]
default_bits = 2048
default_keyfile = private_key.pem
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req

[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment, nonRepudiation
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = @alternate_names

[ req_distinguished_name ]
countryName = GB
stateOrProvinceName = County
localityName = TownOrCity
0.organizationName = Cloud Build Tools
organizationalUnitName = Deployment Automation
commonName = cloudbuildtools.com
emailAddress = support@cloudbuildtools.com

[ alternate_names ]
DNS.1 = cloudbuildtools.com

Signed Certificate

openssl genrsa -passout pass:CloudBuildTools! \
               -out cbt-signing-private-key.pem 2048

openssl req -new \
            -config cbt-signing-certificate.cfg
            -inform PEM \
            -key cbt-private-key.pem \
            -outform PEM \
            -out cbt-signing-certificate.csr

openssl pkcs12 -export \
               -name "_dunesrsaalias_" \
               -out cbt-signing-certificate.pfx \
               -inkey cbt-signing-private-key.pem \
               -in cbt-signing-certificate.crt

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nocerts \
               -out cbt-signing-private-key.pem

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nokeys 
               -clcerts 
               -out cbt-signing-certificate.pem

openssl genrsa -passout pass:CloudBuildTools! \
               -out cbt-signing-private-key.pem 2048

openssl req -new \
            -config cbt-signing-certificate.cfg
            -inform PEM \
            -key cbt-private-key.pem \
            -outform PEM \
            -out cbt-signing-certificate.csr

openssl pkcs12 -export \
               -name "_dunesrsaalias_" \
               -out cbt-signing-certificate.pfx \
               -inkey cbt-signing-private-key.pem \
               -in cbt-signing-certificate.crt

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nocerts \
               -out cbt-signing-private-key.pem

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nokeys 
               -clcerts 
               -out cbt-signing-certificate.pem

Self-Signed Certificate

openssl genrsa -passout pass:CloudBuildTools! \
               -out cbt-signing-private-key.pem 2048

openssl req -new \
            --x509 \
            -sha256 \
            -days 3650 \
            -key cbt-signing-private-key.pem \
            -out cbt-signing-certificate.crt \
            -config cbt-signing-certificate.cfg

openssl pkcs12 -export \
               -name "_dunesrsaalias_" \
               -out cbt-signing-certificate.pfx \
               -inkey cbt-signing-private-key.pem \
               -in cbt-signing-certificate.crt

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nocerts \
               -out cbt-signing-private-key.pem

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nokeys \
               -clcerts \
               -out cbt-signing-certificate.crt

openssl genrsa -passout pass:CloudBuildTools! \
               -out cbt-signing-private-key.pem 2048

openssl req -new \
            --x509 \
            -sha256 \
            -days 3650 \
            -key cbt-signing-private-key.pem \
            -out cbt-signing-certificate.crt \
            -config cbt-signing-certificate.cfg

openssl pkcs12 -export \
               -name "_dunesrsaalias_" \
               -out cbt-signing-certificate.pfx \
               -inkey cbt-signing-private-key.pem \
               -in cbt-signing-certificate.crt

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nocerts \
               -out cbt-signing-private-key.pem

openssl pkcs12 -in cbt-signing-certificate.pfx \
               -nokeys \
               -clcerts \
               -out cbt-signing-certificate.crt

Discover more from Cloud Build Tools

Subscribe to get the latest posts sent to your email.

Orchestrator Package Signing Certificate Creation

Like this:

Related

Discover more from Cloud Build Tools

Leave a Reply Cancel reply

You may also like

Search

Categories

Categories

Orchestrator Package Signing Certificate Creation

Share this:

Like this:

Related

Discover more from Cloud Build Tools

Leave a Reply Cancel reply

You may also like

Orchestrator Function: VcClusterComputeResourceGetBestVcHostSystem

Orchestrator Functions: VcVirtualMachineGetVcVirtualCdroms

Browse

Search

Categories

Tag Cloud

Categories

Tag Cloud