Creating a Self-Signed Certificate - Facility Explorer - Metasys - LIT-12012015 - TL-MAP1810-0Px - TL-MAP1810-0Sx - Gateway/Router - MAP Gateway - 5.0

Mobile Access Portal Gateway Network and IT Guidance Technical Bulletin

Facility Explorer
Product name
MAP Gateway
Document type
Technical Bulletin
Document number
Revision date

About this task

The following steps demonstrate how to create a self-signed certificate using the XCA - X Certificate and key management application, copyright 2014 by Christian Hohnstädt, as an example of how to perform this task. You must make sure to use a certificate-generating application that is approved by your IT department. This procedure creates a file in a format for submitting the properties of your SSL certificate to the certificate authority.


  1. Open your certificate creating-application, select the Certificates tab if necessary, and click New Certificate. The Create Certificate screen appears.
    Figure 1. New Certificate

  2. Accept the defaults unless they conflict with your IT policies and select the Subject Tab.
    Figure 2. Create the Certificate

  3. In the Distinguished name properties window, enter the following information:
    • Internal name: This name is only used internally and does not appear in the certificate.
    • organizationName: the name of your organization
    • countryName: the country in which your organization is located
    • organizationalUnitName: the name of your department within the organization
    • stateOrProvinceName: the state in which your organization is located
    • commonName: the domain name without https://. The domain name should be the site used to browse to the MAP Gateway UI.
    • localityName: the city in which your organization is located
    • emailAddress: Typically the address of the administrator of your organization.
    • Private key: This drop-down list contains private keys that you have already generated. In this case, select New Key (RSA), which was generated in the Generating a Private Key section of this document. If you have not created a private key or wish to create a new one, click Generate a new key and follow the steps in Generating a Private Key in this document.
    Figure 3. Subject Tab Properties

  4. Select the Extensions tab.
    Figure 4. Extensions Tab Properties

  5. Use the Validity and Time range sections to define time limits and valid ranges for your certificate. Click OK.The new certificate is now in your list of certificates with the internal name you assigned. Select the certificate and click Export.
    Figure 5. New Certificate Created

  6. Choose an export format of PEM with Certificate chain and click OK to save the file to a location where you can access the file to place into your MAP Gateway. This is the file you use when Adding a Private Key and Certificate to MAP Gateway.
    Figure 6. New Certificate Export

  7. Click Finish.
    Figure 7. Successfully Created Certificate Message