Edge for Private Cloud v4.19.01
After you create the local private key for a node, create its signature configuration file. Each node must have its own version of the signature configuration file.
The following example shows the syntax for a signature configuration file:
[req] distinguished_name = req_distinguished_name attributes = req_attributes prompt = no [ req_distinguished_name ] C=COUNTRY_NAME ST=STATE_NAME L=CITY_NAME O=ORG_OR_BUSINESS_NAME OU=ORG_UNIT CN=ORG_DEPARTMENT [ req_attributes ] [ cert_ext ] subjectKeyIdentifier=hash keyUsage=critical,keyEncipherment,dataEncipherment extendedKeyUsage=serverAuth,clientAuth subjectAltName=@alt_names [alt_names] DNS.1=localhost DNS.2=ipv4-localhost DNS.3=ipv6-localhost DNS.4=cli.dc-1.consul DNS.5=client.dc-1.consul DNS.6=server.dc-1.consul DNS.7=FQDN # ADDITIONAL definitions, as needed: DNS.8=ALT_FQDN_1 DNS.9=ALT_FQDN_2 # REQUIRED (at least 1 IP address plus localhost definitions) IP.1 = IP_ADDRESS IP.2=0.0.0.0 IP.3=127.0.0.1 IP.4=::1 # ADDITIONAL definitions, as needed: IP.5=ALT_IP_ADDRESS_1 IP.6=ALT_IP_ADDRESS_2 ...
The following table describes the properties in the signature configuration file:
| Property | Required? | Description | 
|---|---|---|
| C | A two-letter code for the nation in which the server is running. | |
| ST | The state/province in which the server is running. | |
| L | The city in which the server is running. | |
| O | The name of the business running the server. | |
| OU | Sub-division within the business. | |
| CN | Sub-division within the business. | |
| DNS.[1...] | DNS servers used by Consul. You must set DNS.1throughDNS.7.Use  ... [alt_names] DNS.1=localhost DNS.2=ipv4-localhost DNS.3=ipv6-localhost DNS.4=cli.dc-1.consul DNS.5=client.dc-1.consul DNS.6=server.dc-1.consul DNS.7=FQDN ... FQDN is the
          Fully
          Qualified Domain Name of the network server that will use this certificate. For
          example,  To get the FQDN on a Linux server, use the following command: hostname --fqdn | |
| IP.[1...] | Set  In addition, Apigee requires that you include the following localhost definitions: # REQUIRED (at least 1 IP address plus localhost definitions) IP.1=216.3.128.12 IP.2=0.0.0.0 IP.3=127.0.0.1 IP.4=::1 If the node uses more than one IP address to communicate with other nodes, then specify additional IP addresses, each on a separate line; for example: # REQUIRED (at least 1 IP address plus localhost definitions) IP.1=216.3.128.12 IP.2=0.0.0.0 IP.3=127.0.0.1 IP.4=::1 # ADDITIONAL definitions, as needed: IP.5=192.0.2.0 IP.6=192.0.2.1 |