Applies To
- Windchill PDMLink 11.0+
Description
- SSL Certificates require a Certificate Request file (CSR) and a Certificate Key file (KEY)
- This process generates the the CSR and the KEY
Resolution
Setup OPENSSL command
Everything with certificates uses the openssl command built into Apache, this requires an environment setting to see the openssl.cnf configuration file. Before performing the next steps,
-
-
locate the openssl.cnf file - Usually located in the <Windchill>\HTTPServer\ssl folder
- From a Windchill shell command line in the following directory: <Windchill>\HTTPServer
- Type: set OPENSSL_CONF=<Windchill>\HTTPServer\ssl\openssl.cnf
- navigate to <Windchill>\HTTPServer\bin
- type: "openssl" in the command line to verify openssl works and get the openssl> prompt
- type: "exit" to leave the openssl prompt
-
Generate Certificate Request files CSR and KEY
From <Windchill>\HTTPServer\bin> type:
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
Enter values for the following prompts:
- Country Name (2 letter code) [AU]:US
- State or Province Name (full name) [Some-State]:Minnesota
- Locality Name (eg, city) []:Minneapolis
- Organization Name (eg, company) [Internet Widgits Pty Ltd]:Company Name, Inc.
- Organizational Unit Name (eg, section) []: <optional - "Research And Development">
- Common Name (eg, YOUR name) []: <website URL like “windchillcompany.com”>
- Note: change URL for different servers
- Email Address []:user@company.com
This will generate two files in the <Windchill>\HTTPServer\bin folder:
From a Windows command line in the following directory: <Windchill>\HTTPServer\bin
-
- server.key
- server.csr
Sharing the CSR file with a Certificate Authority will generate the new certificate.
The KEY file is required for the new certificate to work.
Reference
- PTC Article - CS267795 - https://www.ptc.com/en/support/article/cs267795
- PTC Article - CS226606 - https://www.ptc.com/en/support/article/CS226606