Creating a Certificate
Create a certificate to manage internally, including the certificate's private key.
You must have the appropriate level of security access to create a certificate. For more information, see Required IAM Policy.
You can create a certificate in multiple ways, including by using the Certificates service to issue a certificate and importing a certificate issued by a third-party certificate authority (CA). For the steps to import a certificate, see Importing a Certificate.
Multiple ways of managing a certificate also impact the creation process. When you issue a certificate, you can generate and manage the private key internally by using the same CA to handle everything. You can also generate a certificate signing request (CSR) and private key on the server where you plan to install the certificate, and then submit that CSR to a CA to issue a certificate, while managing the private key externally. This task describes how to issue a certificate that you plan to manage internally. For the steps to issue a certificate that you manage externally with a third-party CA, see Creating a Certificate to Manage Externally.
Use the oci certs-mgmt certificate create-certificate-issued-by-internal-ca command and required parameters to create a certificate issued by the Certificates service:
oci certs-mgmt certificate create-certificate-issued-by-internal-ca --certificate-profile-type <certificate_usage_profile> --compartment-id <compartment_OCID> --issuer-certificate-authority-id <issuing_CA_OCID> --name <certificate_name> --subject <subject_information>
For example:
oci certs-mgmt certificate create-certificate-issued-by-internal-ca --certificate-profile-type TLS_SERVER_OR_CLIENT --compartment-id ocid1.compartment.oc1..<unique_id> --issuer-certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --name internalCert --subject file://path/to/certsubject.json
For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.
Run the CreateCertificate operation to create a certificate that you plan to manage internally.