VMware vSphere SDKs and Tools 8.0

8.0 7.0 6.7 6.5

Creating an RSA Public/Private Key Pair and Certificate

To sign a package, a public/private key pair and certificate that wraps the public key is required. The private key and the certificate, which includes the public key, is stored in a
.pem
 file.
The following OpenSSL command creates a
.pem
 file: 
openssl req -x509 -nodes -sha256 -days 365 -newkey rsa:1024 -keyout myself.pem -out myself.pem
No password is necessary. To include a password, remove the
--nodes
 option.
Contents of the resulting
myself.pem
 file are shown below.
myself.pem File
-----BEGIN RSA PRIVATE KEY-----
    MIICXAIBAAKBgQDe0dCCKNfQ45+D0ezGGAuVSbhE8buqFCQnQnfi27Wt6bu4DhcE
    bQtjgfzuEpcl4e31txJcu18XTv4icRL74DP7i2pMN2UVj6DZW/B7jIw4UPG2g96f
    ... 
    -----END RSA PRIVATE KEY-----
    -----BEGIN CERTIFICATE-----  
    MIIC5DCCAk2gAwIBAgIJAKgUiZPOajC0MA0GCSqGSIb3DQEBBAUAMFYxCzAJBgNV
    BAYTAkRLMRMwEQYDVQQIEwpTb21lLVN0YXRlMQ8wDQYDVQQHEwZBYXJodXMxITAf
    ...
    -----END CERTIFICATE-----
To display the contents of a
.pem
 file at the command line, type the following: 
openssl -x509 -text -noout -in <filename>.pem
Contents of the file display as follows: 
Certificate:
     Data:
        Version: 3 (0x2)
        Serial Number:
....
To create a trusted certificate, use the OpenSSL command, omitting the
-x509
 option. This creates a certificate request in a
.pem
 file that you can send to any public authority such as Verisign.

Content feedback and comments