-
Generate the files client.pem, client.cert, and client.key on each client machine using openssl version 1.0.1c:
openssl genrsa 1024 > client.key chmod 400 client.key openssl req -new -x509 -nodes -sha1 -days 365 -key client.key > client.cert openssl x509 -in client.cert -text > client.pem
-
Use the following command line arguments when executing the Aster Loader Tool. For this example, we will assume the client will store the certificate as /home/jbloggs/certs/client.cert and the key as /home/jbloggs/certs/client.key. If you are not configuring the Loader’s node with the same setting as the queen, you must add "-l queen_ip -f" to your command so that the queen node will do the loading.
- --enable-ssl
- --ssl-self-signed-peer
- --ssl-certificate-path /home/jbloggs/certs/client.cert
- --ssl-private-key-path /home/jbloggs/certs/client.key
- --ssl-cert-filetype 1 (A value of "1" means SSL_FILETYPE_PEM. A value of “2” means SSL_FILETYPE_ASN1.)