About this task
A public and private X.509 key pair needs to be generated. The private key used to sign the Napatech driver after it has been built. The corresponding public key will be used to authenticate the Napatech driver when it is loaded. The Napatech driver is build during installation and the default location is /opt/napatech3/driver/nt3gd.ko.
To create a public and private X.509 key pair:
The openssl tool is used to generate public and private X.509 key pair. The easiest way to specify some of the parameters for this key generation is by means of a configuration file (key.config). Use the following as a template and change the [ req_distinguished_name ] section:
[ req ] default_bits = 4096 distinguished_name = req_distinguished_name prompt = no string_mask = utf8only x509_extensions = myexts [ req_distinguished_name ] O = "Organization" CN = "Organization signing key" emailAddress = "E-mail address" [ myexts ] basicConstraints=critical,CA:FALSE keyUsage=digitalSignature subjectKeyIdentifier=hash authorityKeyIdentifier=keyid
After creating the configuration file, create an X.509 public and private key pair using the following command:
$ openssl req -x509 -new -nodes -utf8 -sha256 -days 36500 \ -batch -config key.config -outform DER \ -out public_key.der -keyout private_key.priv
The public key will be written to the public_key.der file and the private key will be written to the private_key.priv file.