Create Your Signing Certificate
Digitally signing documents requires a signing certificate in .p12 format. You can either purchase one or create a free self-signed certificate.
Follow the steps below to create a free, self-signed certificate for local development.
Generate Private Key
Generate a private key using OpenSSL by running the following command:
openssl genrsa -out private.key 2048This command generates a 2048-bit RSA key.
Generate Self-Signed Certificate
Using the private key, generate a self-signed certificate by running the following command:
openssl req -new -x509 -key private.key -out certificate.crt -days 365You will be prompted to enter some information, such as the certificate's Common Name (CN). Ensure that you provide the correct details. The —days parameter specifies the certificate's validity period.
Create p12 Certificate
Combine the private key and the self-signed certificate to create a .p12 certificate. Use the following command:
openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crtIf you get the error "Error: Failed to get private key bags", add the -legacy flag to the command openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt -legacy.
p12 Certificate Password
When you create the .p12 certificate, you will be prompted to enter a password. Enter a strong password and keep it secure. Remember this password, as it will be required when using the certificate.
Note that for local development, the password can be left empty.
Add Certificate to the Project
Finally, add the certificate to the project. Place the certificate.p12 file in the /apps/web/resources directory. If the directory doesn't exist, create it.
The final file path should be /apps/web/resources/certificate.p12.