Programmable Voice

  1. Home
  2. Docs
  3. Programmable Voice
  4. WebRTC
  5. Creating a Self Signed Certificate

Creating a Self Signed Certificate

You can create a self signed certificate by downloading OpenSSL (freeware) and running these commands at the command prompt:

Create the Certificate

openssl req -new -x509 -nodes -days 365 -newkey rsa:2048 -sha256 -keyout PrivateKey.key -out certificate.crt


Combine the Certificate With the Private Key

copy certificate.crt+privatekey.key CertAndPrivate.pem


Modify your Configuration

<setting name="DtlsCertificates" serializeAs="Xml">
    <CACertificates>C:\Program Files\Inventive Labs\Voice Elements Platform\HMP Elements Server\certificate.crt</CACertificates>
    <CertificateFile>C:\Program Files\Inventive Labs\Voice Elements Platform\HMP Elements Server\CertAndPrivate.pem</CertificateFile>



  • The CACertificate tag must have the original certificate file you created since there is no “real” Certificate Authority to refer to.
  • Be sure that you use a 2048 bit certificate.
  • The Password is the password that will decrypt the private key of the certificate. If you don’t wish this to be seen in plain text you can use the Password Encryptor. Send a note to and we can give you a link. If you decide to encrypt the password, you must set the Encrypted flag to 1 (one).


Using the Self-Signed Certificate With Your Web Socket

You can also use your self-signed certificate with the WebSocket.

You must convert the certificate and the private key into a PFX file.

Again using OpenSSL, do the following:

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt


Ready to set up Secure WebSockets?

See WebRTC – Setting up Secure WebSockets to see how to modify your configuration to use secure web sockets.

Was this article helpful to you? Yes 13 No