Self-signed SSL cert
S3Drive supports self-signed certificate in a PEM format. Certificate must be imported into S3Drive app.
Adding certificate on the OS level might work on some desktop platforms (e.g. Ubuntu - /usr/share/ca-certificates), but in general it is required to import it to S3Drive.
In-app settings¶
Example way of generating an SSL certificate¶
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj "/C=US/ST=Oklahoma/L=Stillwater/O=My Company/OU=Engineering/CN=your.domain.com" -keyout rootCA.key -out rootCA.crt
openssl genrsa -out "your.domain.com.key" 2048
openssl req -new -key your.domain.com.key -out your.domain.com.csr -config openssl.cnf
openssl x509 -req -days 365 -in your.domain.com.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -extensions v3_req -extfile openssl.cnf -out your.domain.com.crt
openssl.cnf¶
[req]
default_bits = 2048
encrypt_key = no # Change to encrypt the private key using des3 or similar
default_md = sha256
prompt = no
utf8 = yes
# Specify the DN here so we aren't prompted (along with prompt = no above).
distinguished_name = req_distinguished_name
# Extensions for SAN IP and SAN DNS
req_extensions = v3_req
# Be sure to update the subject to match your organization.
[req_distinguished_name]
C = US
ST = Oklahoma
L = Stillwater
O = My Company
OU = Engineering
CN = your.domain.com
# Allow client and server auth. You may want to only allow server auth.
# Link to SAN names.
[v3_req]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, serverAuth
subjectAltName = @alt_names
# Alternative names are specified as IP.# and DNS.# for IP addresses and
# DNS accordingly.
[alt_names]
DNS.1 = your.domain.com
Example certificate¶
your.domain.com.crt
-----BEGIN CERTIFICATE-----
MIIEHDCCAwSgAwIBAgIUW4npm6z6oloneZUu3E2Q+arYVQAwDQYJKoZIhvcNAQEL
BQAwejELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE9rbGFob21hMRMwEQYDVQQHDApT
dGlsbHdhdGVyMRMwEQYDVQQKDApNeSBDb21wYW55MRQwEgYDVQQLDAtFbmdpbmVl
cmluZzEYMBYGA1UEAwwPeW91ci5kb21haW4uY29tMB4XDTI0MDQyNzEyNTEyOFoX
DTI1MDQyNzEyNTEyOFowejELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE9rbGFob21h
MRMwEQYDVQQHDApTdGlsbHdhdGVyMRMwEQYDVQQKDApNeSBDb21wYW55MRQwEgYD
VQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPeW91ci5kb21haW4uY29tMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmkC0+WzKckQzhnqhO2O8i6W2OcT
xODGZbjo9EbFFmrzZPGdGzckf3/7bAQY86+RyRYpm/VELFxOPlI//5hdcQJejeF3
xfqyTDSgJRKNrJ03rmLwhxQ/iJfSBJrT67X4nhAL4qIhohrszLtTXOQrFcBhecF8
psf5KhL6Zjb0/6eC5Pyo/D0xoFhqIKyf1vY9z3htr7k51as0VZbuRWA3/226olAL
UIHzLdUGC9mI5VvHvU+eTaIRKYpCEZu6UPr/JFkdbX1mwJYOezMBKYEnt3wQ37SN
HBGaX/QjSm2hBHmYSYA45RJvF5j3rs/gDqDIviPMstVKWsAl2NSTKn/BcQIDAQAB
o4GZMIGWMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFB8itC1jONnlP7Y7w6VP4ajQ
33mqMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
GgYDVR0RBBMwEYIPeW91ci5kb21haW4uY29tMB8GA1UdIwQYMBaAFESrxmEbR7Q5
a/CbggrNJfbPeOIwMA0GCSqGSIb3DQEBCwUAA4IBAQBWPBRXfKsqWdvU6iJsuCHa
p31WRmTqeVfRQyUPLORwsE9C4G4wlYp/1sgKBr1nh8mcplbMLO0dKSfEL9eee8lO
vVaJbZjTJFhvfMvJ+JTv575uU+inehyNFk4YQfzo9OqAPjZABx8MkJX4y3oqrqiL
3kUNXccG8vkd8+2BgWmpo53eIBs/ZZKo9mrZisvNkQndPzEZnX1w0tapcAPJp+2c
zJToD8zAxUiItZkIjRh2U63qM9pE88siVJM2c6VHhOqiEpu8Y8Gej6XLbUyy6J+D
o4c3OFJWzgQYB3VK6IDpr/DQdS2YfEPh5FQw46xvU4SdD6LwXlM1D1I83tt2j/8C
-----END CERTIFICATE-----