2 minute readApplies to: v4

How to generate a self-signed certificate

If you need an HTTPS address against a different hostname, but lack your own certificates, SquaredUp can automatically create self-signed certificates for you.

The certificates generated are for staging and pre-production use only. The certificate expiry dates are fixed to be 1 year in the future and no further.

You will need to connect to your SquaredUp server.

  1. On the SquaredUp for Azure server open a command prompt as an administrator (from Start > Run type command prompt, right-click on the Command Prompt icon and click Run as administrator).
  2. Change to the SquaredUpv4 installation location, for example type:

    cd F:\SquaredUpv4

    For an Azure Marketplace deployment the squaredupv4 folder will typically be located at F:\squaredupv4.

    For an install using the downloadable installer the default location is C:\inetpub\wwwroot\SquaredUpv4, but a custom location may have been chosen during the installation.

  3. Run the command squaredup4 https --hostname <HOSTNAME>

    Where <HOSTNAME> is replaced with a hostname.

    For example squaredup4 https --hostname myserver.staging.company.com

    This tool only accepts hostnames. Specifying an IP address will produce incorrect results

  4. After a few seconds a certificate will be generated and installed, with the web server bindings updated to match:

    HTTPS output

    Your server will now be available with an HTTPS:// binding at the hostname specified.

Security statement

The self-signed certificates generated by this tool use a dedicated, unique certificate authority which is added to the trusted root.

The private key for this authority is generated dynamically at runtime (it is not fixed): SquaredUp does not ever hold or see the private key used. In addition, the private key is ephemeral: it is immediately discarded after the certificate is installed and cannot ever be used again.

This root authority cannot be used to generate any further certificates, and it cannot be used for arbitrary certificate abuse due to its fixed key usage (Digital Signature, Certificate Signing, Off-line CRL Signing, CRL Signing)

How to deploy SquaredUp for Azure

How to change which Azure Tenant your instance of SquaredUp is connected to

How to change the hostname/domain of SquaredUp

How to make a user a SquaredUp administrator

Squared Up Ltd. (c) 2020Report an issue with this article