Configuring Certificate Signing Request (CSR)

This page will walk through how to create a Certificate Signing Request on Polarity V5.

Create OpenSSL Config File

Example File:

# Create OpenSSL config file
echo "
[req]
distinguished_name = req_distinguished_name
prompt = no

[req_distinguished_name]
C = US
ST = Ct
L = Farmington
O = Polarity.io
OU = Engineering
CN = polarityserver.mycompany.local

[v3_req]
subjectAltName = @alt_names

[alt_names]
DNS.1 = 10.10.10.10
IP.1 = 10.10.10.10
DNS.2 = polarityserver.mycompany.local
" > server.config

Change the hostname (polarityserver.mycompany.local) and ip (10.10.10.10) in all places
Use company specific info in req_distinguished_name as required
Consider adding subject alternate names for the server's public IP by setting an IP.2 under alt_names

Generate Private Key if one does not exist

openssl genrsa -out server.key 4096

Generate CSR

openssl req -new -key server.key -out server.csr -config server.config

Process CSR internally and Add to Polarity Docker required locations

Process the CSR internally then once done add the resulting certificates to the following locations:

/app/certs/polarity.pem
/app/caddy/config/server.crt

Add the private keys to the following locations

/app/certs/polarity_key.pem
/app/caddy/config/server.key

Add any required Certificate Chains (such as GoDaddy) to the server

Save the cert chains as .pem or .crt and add those files to the follwing location

/app/certs/ca/

Restart the docker containers

cd /app && ./down.sh && ./up.sh

PreviousInstalling SSL Certificate NextConfiguring a Proxy

Last updated 1 year ago