Loading
Salesforce now sends email only from verified domains. Read More
Agentforce Contact Center
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Generate a Self-Signed Certificate with OpenSSL

            You are here:

            1. Salesforce Help
            2. Docs
            3. Agentforce Contact Center

            Generate a Self-Signed Certificate with OpenSSL

            Use OpenSSL to generate an RSA private key and two certificates. You need one certificate to set up a secure connection between Amazon Connect and Salesforce and another certificate for the REST API integration. Repeat the steps to create both certificates. After generating the certificates, update your contact center definition file based on the certificate value if you've manually integrated your contact center.

            This article applies to:

            • Service Cloud Voice with Partner Telephony from Amazon Connect
            Important
            Important OpenSSL v1.1.1 must be used.
            Important
            Important The certificate expires after 1 year by default. You can change the expiration date. When the certificate expires, AWS services can’t talk with your Voice contact center. To ensure uninterrupted service, generate and upload a new certificate before the old certificate expires.
            1. Create a folder for holding the generated certificate: 
              $ mkdir certificates
            2. Change the current directory to the certificates folder: 
              $ cd certificates
            3. In the certificates folder, specify a password and generate an RSA private key. Where it says <your_password>, specify your own password. 
              $ openssl genrsa -des3 -passout pass:<your_password> -out server.pass.key 2048
            4. Create a key file from the server.pass.key file using the password that you created in the previous step: 
              $ openssl rsa -passin pass:<your_password> -in server.pass.key -out server.key
            5. Delete the server.pass.key: 
              $ rm server.pass.key
            6. Request and generate the certificate: 
              $ openssl req -new -key server.key -out server.csr
            7. Enter the required information.
              1. Enter your company details.
              2. When prompted for the challenge password, press Enter.

                The Certificate Authorities use this password to authenticate the certificate owner when they want to revoke their certificate. You can’t revoke it via the Certificate Revocation List (CRL) because it’s a self-signed certificate.

            8. Generate the SSL certificate: 
              $ openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt

            The server.crt file is generated as the output. If you’ve manually integrated your contact center, copy the file content and update the values of the reqTelephonyIntegrationCertificate and reqTelephonyIntegrationKeyPairExpDate attributes in the contact center definition file. For more information on the attributes, see Prepare Contact Center Definition File.

             
            Loading
            Salesforce Help | Article