Describes requirements for authentication
Both public and private RSA keys are required for signing the required IAAS data so that the Web service can authenticate the request.
Describes the purpose of the private key and its location.
A private key must exist before you can create a public key. To create a private key, use the following command:
openssl genrsa -out privatekey.pem 2048
The private key is stored in the privatekey.pem
file. This file is used to create the public key. After the public key is registered with the RegisterAccessKeyRequest action, this private key can be used to sign the IAAS data.
If the WebUtil application is used to sign the IAAS data, the private key must be stored in DER format. You can use the following command:
openssl pkcs8 -topk8 -inform PEM -outform DER -in privatekey.pem -nocrypt > privatekey.DER
The private key is stored in the privatekey.DER
file.
Procedure to create a public key.
To create a public key use the following command:
openssl rsa -in privatekey.pem -pubout -out publickey.pem
The public key is stored in the publickey.pem
file. After the public key is registered using the RegisterAccessKeyRequest action, the Web server can verify the signed data with the public key.