Creating an X509 certificate using OpenSSL

From ExcelReportLink Wiki
Jump to navigation Jump to search

Overview

ExcelReportLink provides the ability to access your Xero data using your own private application. This approach, while technical to configure, bypasses the need to select the data file and obtain a verification code during each Get Data.

In order to setup a private application in Xero, you will need to create an X509 certificate. We recommend using OpenSSL.

Requirements

OpenSSL for Windows can be downloaded from the following website http://slproweb.com/products/Win32OpenSSL.html. Simply go to the website, scroll to the table and download the latest version matching your 32-bit or 64-bit operating system.

You can find out more about OpenSSL from the following website https://www.openssl.org.

How to create an X509 certificate using OpenSSL

To create an X509 certificate using OpenSSL, follow these steps.

Note that for all the instructions you will need to enter your organisation name where you see <organisation name>.

  1. Open the command line application using <Windows Key>+<R Key> on your keyboard and running the CMD command;
  2. Go to the OpenSSL bin folder using either of these command lines;
    CD C:\OpenSSL-Win32\bin\
    CD C:\OpenSSL-Win64\bin\
  3. Ensure the OPENSSL_CONF environment variable is set using either of these command lines;
    SET OPENSSL_CONF=c:\OpenSSL-Win32\bin\openssl.cfg
    SET OPENSSL_CONF=c:\OpenSSL-Win64\bin\openssl.cfg
  4. Create a 1024 bit private key using the following command line;
    openssl genrsa -out <organisation name>.pem 1024
  5. Create the X509 certificate using the following command line;
    openssl req -new -x509 -key <organisation name>.pem -out <organisation name>.cer -days 1825
    When running this command line, you will be prompted for additional inputs such as country, state, locality, etc.
    Organizational Unit, Command Name can be left blank.

You now have a Private Key PEM file and a public X509 Certificate required to create the private application in Xero. We recommend you backup both files.

Also note that the X509 Certificate will only be valid for 1825 days (5 years) and will need to be replaced eventually.

Related Topics

Retrieved from "https://accountingaddons.com.au/wiki/excelreportlink/index.php?title=Creating_an_X509_certificate_using_OpenSSL&oldid=1295"