Creating a certificate

The command for creating a certificate is described.

To create a certificate, you use a wvrcert command of the following form:

wvrcert -cert -create -db $SYS_DIR/voip/keyring.db -stashed -label wvr_server_certificate
        -dn distinguished_name -size key_size -expire days

where:

-dn distinguished_name
The X.500 distinguished name enclosed in double quotation marks. At least one attribute is required. You can supply multiple OU or DC attributes.
-size key_size
The key size. The value can be 512, 1024, 2048 or 4096. The default is 1024.
-expire days
The expiration time in days of the certificate. The default is 365 days for a certificate.

A typical use would be like the following instance of the command:

wvrcert -cert -create -db $SYS_DIR/voip/keyring.db -stashed 
        -label wvr_server_certificate -dn CN='echo $HOSTNAME'

In this case, the Common Name (CN) value is set to be the hostname of the machine by using the AIX variable $HOSTNAME. The common name of a personal certificate must be the host name of the machine that will use it. Other SIP entities will be expecting the hostname in the certificate to match the hostname of the machine.

Parent topic: Option 1 - Creating a self-signed certificate