Generate a Public and Private X.509 Key Pair

Software Installation for Linux

product_line_custom
IntelĀ® PAC
Napatech SmartNIC
category
Software Installation Guide

About this task

A public and private X.509 key pair needs to be generated. The private key used to sign the Napatech driver after it has been built. The corresponding public key will be used to authenticate the Napatech driver when it is loaded. The Napatech driver is build during installation and the default location is /opt/napatech3/driver/nt3gd.ko.

Steps

To create a public and private X.509 key pair:

Procedure

  1. The openssl tool is used to generate public and private X.509 key pair. The easiest way to specify some of the parameters for this key generation is by means of a configuration file (key.config). Use the following as a template and change the [ req_distinguished_name ] section:
    [ req ]
    default_bits = 4096
    distinguished_name = req_distinguished_name
    prompt = no
    string_mask = utf8only
    x509_extensions = myexts
    [ req_distinguished_name ]
    O = "Organization"
    CN = "Organization signing key"
    emailAddress = "E-mail address"
    [ myexts ]
    basicConstraints=critical,CA:FALSE
    keyUsage=digitalSignature
    subjectKeyIdentifier=hash
    authorityKeyIdentifier=keyid
  2. After creating the configuration file, create an X.509 public and private key pair using the following command:
    $ openssl req -x509 -new -nodes -utf8 -sha256 -days 36500 \
     -batch -config key.config -outform DER \
     -out public_key.der -keyout private_key.priv

Results

The public key will be written to the public_key.der file and the private key will be written to the private_key.priv file.