Create Certificates for a Secure Deployments

Learn about creating different types of certificates for a deployment in a hub or external certificate when transporting trail data across two different host deployments.

Each system (deployment) has its own set of root, server, and client certificates.

The most common use case for generating certificates within the same organization is to create a single trusted root certificate (rootCA), which is used at different locations but within the same organization.

The other use case is where a secure deployment must be provided between fully independent organizations in which even the trusted root certificates (rootCA01, rootCA02) are different. Such a case is more complex and is described in the Connecting Two Deployments Using External RootCA Certificate.

In this section, you will learn to create trusted certificates (rootCA), server certificates, client certificates, and distribution client certificate for secure Oracle GoldenGate Microservices Architecture deployments, when setting up a secure deployment or authenticate connections between two separate deployments.

Note:

The provided OpenSSL commands are using a self-signed certificate. This case is only used to demonstrate how to set up a secure environment with non-commercial certificates. For secure environments, it is recommended to use certificates provided by commercial providers.