Creating the Deep Discovery Email Inspector Private Key and Certificate

Create the Deep Discovery Email Inspector private key and certificate to secure the communication channel.

# openssl genrsa -out /tmp/ddei_key.pem

Generating RSA private key, 1024 bit long modulus



e is 65537 (0x10001)

# openssl req -new -key /tmp/ddei_key.pem -out /tmp/ddei_req.pem

You are about to be asked to enter information that will be incorporated into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.


Country Name (2 letter code) [GB]:DE

State or Province Name (full name) [Berkshire]:Bavaria

Locality Name (eg, city) [Newbury]:Munich

Organization Name (eg, company) [My Company Ltd]:Trend Micro

Organizational Unit Name (eg, section) []:Global Training

Common Name (eg, your name or your server's host name) []:linux.course.test

Email Address []:<Enter>

Please enter the following 'extra' attributes to be sent with your certificate request

A challenge password []:<Enter>

An optional company name []:<Enter>

After completing this procedure, the /tmp/ddei_key.pem file contains the Deep Discovery Email Inspector (linux.course.test) private key in PEM-format. The /tmp/ddei_req.pem file contains the unsigned certificate (certificate request) in the PEM-format.


The Common Name (CN) field for the key owner must be equal to the FQDN or be the same as the name specified in the domain-based delivery.