Step 5 - Install an x509 Certificate

In order to run nginx, you need to provide a certificate valid for the URL use want to use to access Nirmata. If you don’t already have a certificate, you can use a self-signed certificate. Here are the steps required to generate a self-sign certificate:

  1. SSH to the Node you will use to run the Nirmata services
  2. Create a directory where the certificate will be generated :

    sudo mkdir certificates
    
  3. Generate the certificate in this directory :

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout certificates/nginx.key -out certificates/nginx.crt
    
  4. Enter the required parameters

    a. Country Name (2 letter code) [AU]:US

    b. State or Province Name (full name) [Some-State]:New York

    c. Locality Name (eg, city) []:New York City

    d. Organization Name (eg, company) [Internet Widgits Pty Ltd]:Acme

    e. Organizational Unit Name (eg, section) []:I.T

    f. Common Name (e.g. server FQDN or YOUR name) []:server_IP_address or DNS

    g. Email Address []:admin@your_domain.com