- Run the following command:
openssl.exe req -new -x509 -days-nodes -config-out-keyoutWhere:
req Creates and processes certificate requests in PKCS#10 format -new Prompts for user information specified in the OpenSSL configuration file, such as: Country, State, Organization and Common Name -x509 Creates a self-signed certificate rather than a certificate request -days Number of days that certificate will be valid -nodes Private Key is generated in unencrypted form and avoids prompting for a pass phrase every time the certificate is used -config <openssl_config_file> Path and file name of the OpenSSL configarion file (usually openssl.cnf) -*out <cert_name.pem> Path and file name of the certificate to be generated (both -out and -keyout arguments should point to the same file)Below is a sample screen output of the Certificate generation process using OpenSSL:E:\Program Files\Trend Micro\IMSS\ui\apache\bin>openssl.exe req -new -x509 -
days 1460 -nodes -config openssl.cnf -out tsmtpd.pem -keyout tsmtpd.pem
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'tsmtpd.pem'
- Enter the information that would be incorporated into your certificate request. Enter a Distinguished Name or DN.
There are some fields that you can leave blank, while others would have a default value. If you enter '.', the field will be left blank.Country Name (2 letter code) [PH]:
Locality Name (eg, city) :Manila
Organization Name (eg, Company) :Trend Micro
Organizational Unit Name (eg, Department, Division) :Global Training
Common Name (eg, hostname or YOUR name) :server01.tmcourse.net
Email Address :email@example.com
E:\Program Files\Trend Micro\IMSS\ui\apache\bin>
- Run the following command to change the certificate format to PFX, which is an acceptable format for version 7.1:
openssl pkcs12 -export -out text.pfx -in
where: "" is the .PEM file generated above
- Only unencrypted OpenSSL generated certificates are supported
- Both Private and Public keys must be stored in the same PEM-format file
mail from: <>
530 Must issue a STARTTLS command first -
Windows 2008 is only supported in IMSS 7.1 for Windows. You can refer to the IMSS 7.1 for Windows Readme for more information.