You can create a self signed certificate by downloading OpenSSL (freeware) and running these commands at the command prompt:
Create the Certificate
openssl req -new -x509 -nodes -days 365 -newkey rsa:2048 -sha256 -keyout PrivateKey.key -out certificate.crt
Combine the Certificate With the Private Key
copy certificate.crt+privatekey.key CertAndPrivate.pem
Modify your Configuration
<setting name="DtlsCertificates" serializeAs="Xml"> <value> <DtlsCertificates> <DtlsCertificate> <Id>Default</Id> <CACertificates>C:\Program Files\Inventive Labs\Voice Elements Platform\HMP Elements Server\certificate.crt</CACertificates> <CertificateFile>C:\Program Files\Inventive Labs\Voice Elements Platform\HMP Elements Server\CertAndPrivate.pem</CertificateFile> <Password>yourpassword</Password> <Encrypted>0</Encrypted> </DtlsCertificate> </DtlsCertificates> </value> </setting>
- The CACertificate tag must have the original certificate file you created since there is no “real” Certificate Authority to refer to.
- Be sure that you use a 2048 bit certificate.
- The Password is the password that will decrypt the private key of the certificate. If you don’t wish this to be seen in plain text you can use the Password Encryptor. Send a note to firstname.lastname@example.org and we can give you a link. If you decide to encrypt the password, you must set the Encrypted flag to 1 (one).
Using the Self-Signed Certificate With Your Web Socket
You can also use your self-signed certificate with the WebSocket.
You must convert the certificate and the private key into a PFX file.
Again using OpenSSL, do the following:
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt
Ready to set up Secure WebSockets?
See WebRTC – Setting up Secure WebSockets to see how to modify your configuration to use secure web sockets.