English
Deutsch
Español – América Latina
Français
Indonesia
Italiano
Português – Brasil
中文 – 简体
日本語
한국어

Generate self-signed TLS credentials

This topic explains how to create self-signed TLS certificates for use in an environment configuration. This information is intended for trial or testing purposes only.

The runtime ingress gateway (the gateway that handles API proxy traffic) requires a TLS certificate/key pair. For this quickstart installation, you can use self-signed credentials. In the following steps, openssl is used to generate the credentials.

Navigate to your HELM_CHARTS_HOME/apigee-virtualhost/ chart directory and execute the following command to create the certificate and key files. The certificate files will most likely have .crt or .pem extensions and the key file will most likely have .key.
Note: We recommend storing the certificate and key files in your HELM_CHARTS_HOME/apigee-virtualhost/ chart directory.
```
openssl req  -nodes -new -x509 -keyout ./certs/keystore.key -out \
    ./certs/keystore.pem -subj '/CN=mydomain.net' -days 3650
```
This command creates a self-signed certificate/key pair that you can use for the quickstart installation. The CN mydomain.net can be any value you wish for the self-signed credentials.
Check to make sure the files are in the ./certs directory:
```
ls ./certs
  keystore.pem
  keystore.key
```
Where keystore.pem is the self-signed TLS certificate file and keystore.key is the key file.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2024-04-25 UTC.