How to provision certificates to Linux based systems using a certificate key pair

Applies to:

Venafi Encryption Director 6.1 or greater





  1. Open a terminal as root.
  2. Create a user that Director will use to authenticate with the Linux Server.
  3. Change directory to /</.ssh/
    #cd ~


1. SSH to the Linux Server.2. Create the Private key.

openssl genrsa -out my3DES.key -des3 2048

Note: Create a phasphrase

3. chmod 400 my3DES.key

3. ssh-keygen -y -f ~/.ssh/my3DES.key > ~/.ssh/my3DES.pub

note: Make sure that the permissions are only for root.

4. Copy the my3DES.pub key into the authorized_keys directory.

5. Import the private key into directory.


Please sign in to leave a comment.