1 of 1 people found this helpful
Those commands create a key and a certificate signing request. They do not create a certificate.
So what is the CA for this certificate. For example if you used an in house CA for the signing the certificate you are allowing anybody with a certificate signed by the CA to use the proxy.
The PEM files do not contain the password.
Yes you are right, those commands creates key (sorry for typo) and our CA is internal CA.
But our question was bit different, we wanted to make sure that after upgrade to newer version, old certificate will remain same and no need to generate the key again. The proxy is not using the hardcoded password.