Create certificates for Azure cloud

This section describes how to create a self-signed certificate. To create a certificate signed by CA, refer to the OpenSSL documentation.

To create a self-signed certificate:

  1. Install the prerequisite software.

    1. Download and install Microsoft Visual C++ 2008 Redistributable Package (x86) from
    2. Download and install the latest version of OpenSSL from Use all of the default settings.
  2. Set up the OpenSSL environment.

    Run the following commands:

    1. set OPENSSL_CONF=C:\OpenSSL-Win32\bin\openssl.cfg
    2. cd C:\OpenSSL-Win32\bin
    3. openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout myazurekey.pem -out myazurekey.pem

    Enter the required information. When prompted, press Enter to confirm each operation. A file titled myazurekey.pem is created in the C:\OpenSSL-Win32\bin folder.

  3. Create the certificate.

    Run the following command:

    openssl x509 -inform PEM -in myazurekey.pem -outform DER -out myazurekey.cer.

    The myazurekey.cer file is created in the C:\OpenSSL-Win32\bin folder.

  4. Upload the certificate to the Azure machine.

    Use the Azure Console > Settings > Manage Certificates view to upload the myazurekey.cer file to Azure.

  5. Add the certificate in Controller.

    In Controller, select Tools > Manage Cloud Accounts. Select Microsoft Azure as the provider, and specify the myazurekey.pem file as the certificate. For details, see Manage Cloud Accounts dialog box.

Back to top