telegram-crawler/data/corefork.telegram.org/bots/self-signed.html

<!DOCTYPE html>
<html class="">
  <head>
    <meta charset="utf-8">
    <title>Using self-signed certificates</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta property="description" content="Upload your certificate using the certificate parameter in the setWebhook method. The certificate supplied should be PEM…">
    <meta property="og:title" content="Using self-signed certificates">
    <meta property="og:image" content="">
    <meta property="og:description" content="Upload your certificate using the certificate parameter in the setWebhook method. The certificate supplied should be PEM…">
    <link rel="shortcut icon" href="/favicon.ico?4" type="image/x-icon" />

    <link href="/css/bootstrap.min.css?3" rel="stylesheet">
    
    <link href="/css/telegram.css?215" rel="stylesheet" media="screen">
    <style>
    </style>
  </head>
  <body class="preload">
    <div class="dev_page_wrap">
      <div class="dev_page_head navbar navbar-static-top navbar-tg">
        <div class="navbar-inner">
          <div class="container clearfix">
            <ul class="nav navbar-nav navbar-right hidden-xs"><li class="navbar-twitter"><a href="https://twitter.com/telegram" target="_blank" data-track="Follow/Twitter" onclick="trackDlClick(this, event)"><i class="icon icon-twitter"></i><span> Twitter</span></a></li></ul>
            <ul class="nav navbar-nav">
              <li><a href="//telegram.org/">Home</a></li>
<li class="hidden-xs"><a href="//telegram.org/faq">FAQ</a></li>
<li class="hidden-xs"><a href="//telegram.org/apps">Apps</a></li>
<li class=""><a href="/api">API</a></li>
<li class=""><a href="/mtproto">Protocol</a></li>
<li class=""><a href="/schema">Schema</a></li>
            </ul>
          </div>
        </div>
      </div>
      <div class="container clearfix">
        <div class="dev_page">
          <div id="dev_page_content_wrap" class=" ">
  <div class="dev_page_bread_crumbs"><ul class="breadcrumb clearfix"><li><a  href="/bots" >Telegram Bots</a></li><i class="icon icon-breadcrumb-divider"></i><li><a  href="/bots/faq" >FAQ</a></li><i class="icon icon-breadcrumb-divider"></i><li><a  href="/bots/self-signed" >Using self-signed certificates</a></li></ul></div>
  <h1 id="dev_page_title">Using self-signed certificates</h1>
  
  <div id="dev_page_content"><p>Upload your certificate using the <em>certificate</em> parameter in the <a href="/bots/api#setwebhook">setWebhook</a> method. The certificate supplied should be <strong>PEM encoded</strong> (ASCII BASE64), the pem file should only contain the <strong>public key</strong> (including BEGIN and END portions). When converting from a bundle format, please split the file to only include the public key.</p>
<h3><a class="anchor" name="generating-a-self-signed-certificate-pair-pem" href="#generating-a-self-signed-certificate-pair-pem"><i class="anchor-icon"></i></a>Generating a self-signed certificate pair (PEM):</h3>
<h4><a class="anchor" name="openssl" href="#openssl"><i class="anchor-icon"></i></a>Openssl</h4>
<blockquote>
<p>Windows binaries for Openssl are available online</p>
</blockquote>
<p><code>openssl req -newkey rsa:2048 -sha256 -nodes -keyout YOURPRIVATE.key -x509 -days 365 -out YOURPUBLIC.pem -subj &quot;/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=YOURDOMAIN.EXAMPLE&quot;</code></p>
<p>YOURPUBLIC.pem has to be used as input for setting the self-signed webhook.</p>
<p>You can inspect the generated certificate with:<br><code>openssl x509 -text -noout -in YOURPUBLIC.pem</code></p>
<p>Converting from a previously generated DER:<br><code>openssl x509 -inform der -in YOURDER.der -out YOURPEM.pem</code></p>
<p>Converting from a previously generated PKCS12:<br><code>openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem</code></p>
<blockquote>
<p>More information: https://www.openssl.org/</p>
</blockquote>
<h4><a class="anchor" name="java-keystore" href="#java-keystore"><i class="anchor-icon"></i></a>Java keystore</h4>
<p>Generate self-signed JKS:<br><code>keytool -genkey -keyalg RSA -alias YOURDOMAIN.EXAMPLE -keystore YOURJKS.jks -storepass YOURPASSWORD -validity 360 -keysize 2048</code></p>
<p>Converting JKS to pkcs12 (intermediate step for conversion to PEM):<br><code>keytool -importkeystore -srckeystore YOURJKS.jks -destkeystore YOURPKCS.p12 -srcstoretype jks -deststoretype pkcs12</code></p>
<p>Convert PKCS12 to PEM (requires openssl):<br><code>openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem</code></p>
<blockquote>
<p>More information: https://docs.oracle.com</p>
</blockquote>
<h4><a class="anchor" name="windows" href="#windows"><i class="anchor-icon"></i></a>Windows</h4>
<p>Creating a self-signed certificate using Windows native utilities is also possible, although OpenSSL binaries for Windows are available online.</p>
<p>On the commandline:<br><code>certreq -new TEMPLATE.txt RequestFileOut</code></p>
<p>TEMPLATE.txt example file:</p>
<pre><code>[NewRequest]

; At least one value must be set in this section
Subject = &quot;CN=DOMAIN.EXAMPLE&quot;
KeyLength = 2048
KeyAlgorithm = RSA
HashAlgorithm = sha256
;MachineKeySet = true
RequestType = Cert
UseExistingKeySet=false ;generates a new private key (for export)
Exportable = true ;makes the private key exportable with the PFX</code></pre>
<p>A self-signed certificate will be generated and installed, to view the certificate:<br><code>certutil -store -user my</code></p>
<p>To export in DER format (intermediate step for conversion to PEM)<br><code>certutil -user -store -split my SERIALNUMBER YOURDER.crt</code></p>
<p>Converting to PEM (used for setting the webhook)<br><code>certutil -encode YOURDER.crt YOURPEM.cer</code></p>
<p>To delete a certificate from your store:<br><code>certutil -delstore -user my SERIALNUMBER</code> (from view)</p>
<p>To export in PFX(PKCS12) format<br><code>certutil -exportpfx -user YOURDOMAIN.EXAMPLE YOURPKCS.pfx NoChain</code></p>
<blockquote>
<p>More information: https://technet.microsoft.com</p>
</blockquote>
<p>Converting YOURPKCS.pfx to PEM including the private key is best done with OpenSSL:<br><code>openssl pkcs12 -in YOURPKCS.pfx -out YOURPEM.cer</code></p>
<p>Remember that only the public key is needed as input for the self-signed webhook certificate parameter. certmgr.msc can also be used as a GUI to export the public part of self-signed certificates to PEM.</p>
</div>
  
</div>
          
        </div>
      </div>
      <div class="footer_wrap">
  <div class="footer_columns_wrap footer_desktop">
    <div class="footer_column footer_column_telegram">
      <h5>Telegram</h5>
      <div class="footer_telegram_description"></div>
      Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed.
    </div>

    <div class="footer_column">
      <h5><a href="//telegram.org/faq">About</a></h5>
      <ul>
        <li><a href="//telegram.org/faq">FAQ</a></li>
        <li><a href="//telegram.org/blog">Blog</a></li>
        <li><a href="//telegram.org/jobs">Jobs</a></li>
      </ul>
    </div>
    <div class="footer_column">
      <h5><a href="//telegram.org/apps#mobile-apps">Mobile Apps</a></h5>
      <ul>
        <li><a href="//telegram.org/dl/ios">iPhone/iPad</a></li>
        <li><a href="//telegram.org/dl/android">Android</a></li>
        <li><a href="//telegram.org/dl/wp">Windows Phone</a></li>
      </ul>
    </div>
    <div class="footer_column">
      <h5><a href="//telegram.org/apps#desktop-apps">Desktop Apps</a></h5>
      <ul>
        <li><a href="//desktop.telegram.org/">PC/Mac/Linux</a></li>
        <li><a href="//macos.telegram.org/">macOS</a></li>
        <li><a href="//telegram.org/dl/web">Web-browser</a></li>
      </ul>
    </div>
    <div class="footer_column footer_column_platform">
      <h5><a href="//core.telegram.org/">Platform</a></h5>
      <ul>
        <li><a href="//core.telegram.org/api">API</a></li>
        <li><a href="//translations.telegram.org/">Translations</a></li>
        <li><a href="//instantview.telegram.org/">Instant View</a></li>
      </ul>
    </div>
  </div>
  <div class="footer_columns_wrap footer_mobile">
    <div class="footer_column">
      <h5><a href="//telegram.org/faq">About</a></h5>
    </div>
    <div class="footer_column">
      <h5><a href="//telegram.org/blog">Blog</a></h5>
    </div>
    <div class="footer_column">
      <h5><a href="//telegram.org/apps">Apps</a></h5>
    </div>
    <div class="footer_column">
      <h5><a href="//core.telegram.org/">Platform</a></h5>
    </div>
    <div class="footer_column">
      <h5><a href="https://twitter.com/telegram" target="_blank" data-track="Follow/Twitter" onclick="trackDlClick(this, event)">Twitter</a></h5>
    </div>
  </div>
</div>
    </div>
    <script src="/js/main.js?43"></script>
    
    <script>backToTopInit("Go up");
removePreloadInit();
</script>
  </body>
</html>
Update content of files 2021-11-14 12:07:17 +01:00			`<!DOCTYPE html>`
			`<html class="">`
			`<head>`
			`<meta charset="utf-8">`
			`<title>Using self-signed certificates</title>`
			`<meta name="viewport" content="width=device-width, initial-scale=1.0">`
			`<meta property="description" content="Upload your certificate using the certificate parameter in the setWebhook method. The certificate supplied should be PEM…">`
			`<meta property="og:title" content="Using self-signed certificates">`
			`<meta property="og:image" content="">`
			`<meta property="og:description" content="Upload your certificate using the certificate parameter in the setWebhook method. The certificate supplied should be PEM…">`
			`<link rel="shortcut icon" href="/favicon.ico?4" type="image/x-icon" />`

			`<link href="/css/bootstrap.min.css?3" rel="stylesheet">`

Update content of files 2021-12-09 13:14:59 +01:00			`<link href="/css/telegram.css?215" rel="stylesheet" media="screen">`
Update content of files 2021-11-14 12:07:17 +01:00			`<style>`
			`</style>`
			`</head>`
			`<body class="preload">`
			`<div class="dev_page_wrap">`
			`<div class="dev_page_head navbar navbar-static-top navbar-tg">`
			`<div class="navbar-inner">`
			`<div class="container clearfix">`
			`<ul class="nav navbar-nav navbar-right hidden-xs"><li class="navbar-twitter"><a href="https://twitter.com/telegram" target="_blank" data-track="Follow/Twitter" onclick="trackDlClick(this, event)"><i class="icon icon-twitter"></i><span> Twitter</span></a></li></ul>`
			`<ul class="nav navbar-nav">`
			`<li><a href="//telegram.org/">Home</a></li>`
			`<li class="hidden-xs"><a href="//telegram.org/faq">FAQ</a></li>`
			`<li class="hidden-xs"><a href="//telegram.org/apps">Apps</a></li>`
			`<li class=""><a href="/api">API</a></li>`
			`<li class=""><a href="/mtproto">Protocol</a></li>`
			`<li class=""><a href="/schema">Schema</a></li>`
			`</ul>`
			`</div>`
			`</div>`
			`</div>`
			`<div class="container clearfix">`
			`<div class="dev_page">`
			`<div id="dev_page_content_wrap" class=" ">`
			`<div class="dev_page_bread_crumbs"><ul class="breadcrumb clearfix"><li><a href="/bots" >Telegram Bots</a></li><i class="icon icon-breadcrumb-divider"></i><li><a href="/bots/faq" >FAQ</a></li><i class="icon icon-breadcrumb-divider"></i><li><a href="/bots/self-signed" >Using self-signed certificates</a></li></ul></div>`
			`<h1 id="dev_page_title">Using self-signed certificates</h1>`

			`<div id="dev_page_content"><p>Upload your certificate using the <em>certificate</em> parameter in the <a href="/bots/api#setwebhook">setWebhook</a> method. The certificate supplied should be <strong>PEM encoded</strong> (ASCII BASE64), the pem file should only contain the <strong>public key</strong> (including BEGIN and END portions). When converting from a bundle format, please split the file to only include the public key.</p>`
			`<h3><a class="anchor" name="generating-a-self-signed-certificate-pair-pem" href="#generating-a-self-signed-certificate-pair-pem"><i class="anchor-icon"></i></a>Generating a self-signed certificate pair (PEM):</h3>`
			`<h4><a class="anchor" name="openssl" href="#openssl"><i class="anchor-icon"></i></a>Openssl</h4>`
			`<blockquote>`
			`<p>Windows binaries for Openssl are available online</p>`
			`</blockquote>`
			`<p><code>openssl req -newkey rsa:2048 -sha256 -nodes -keyout YOURPRIVATE.key -x509 -days 365 -out YOURPUBLIC.pem -subj "/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=YOURDOMAIN.EXAMPLE"</code></p>`
			`<p>YOURPUBLIC.pem has to be used as input for setting the self-signed webhook.</p>`
			`<p>You can inspect the generated certificate with:<br><code>openssl x509 -text -noout -in YOURPUBLIC.pem</code></p>`
			`<p>Converting from a previously generated DER:<br><code>openssl x509 -inform der -in YOURDER.der -out YOURPEM.pem</code></p>`
			`<p>Converting from a previously generated PKCS12:<br><code>openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem</code></p>`
			`<blockquote>`
			`<p>More information: https://www.openssl.org/</p>`
			`</blockquote>`
			`<h4><a class="anchor" name="java-keystore" href="#java-keystore"><i class="anchor-icon"></i></a>Java keystore</h4>`
			`<p>Generate self-signed JKS:<br><code>keytool -genkey -keyalg RSA -alias YOURDOMAIN.EXAMPLE -keystore YOURJKS.jks -storepass YOURPASSWORD -validity 360 -keysize 2048</code></p>`
			`<p>Converting JKS to pkcs12 (intermediate step for conversion to PEM):<br><code>keytool -importkeystore -srckeystore YOURJKS.jks -destkeystore YOURPKCS.p12 -srcstoretype jks -deststoretype pkcs12</code></p>`
			`<p>Convert PKCS12 to PEM (requires openssl):<br><code>openssl pkcs12 -in YOURPKCS.p12 -out YOURPEM.pem</code></p>`
			`<blockquote>`
			`<p>More information: https://docs.oracle.com</p>`
			`</blockquote>`
			`<h4><a class="anchor" name="windows" href="#windows"><i class="anchor-icon"></i></a>Windows</h4>`
			`<p>Creating a self-signed certificate using Windows native utilities is also possible, although OpenSSL binaries for Windows are available online.</p>`
			`<p>On the commandline:<br><code>certreq -new TEMPLATE.txt RequestFileOut</code></p>`
			`<p>TEMPLATE.txt example file:</p>`
			`<pre><code>[NewRequest]`

			`; At least one value must be set in this section`
			`Subject = "CN=DOMAIN.EXAMPLE"`
			`KeyLength = 2048`
			`KeyAlgorithm = RSA`
			`HashAlgorithm = sha256`
			`;MachineKeySet = true`
			`RequestType = Cert`
			`UseExistingKeySet=false ;generates a new private key (for export)`
			`Exportable = true ;makes the private key exportable with the PFX</code></pre>`
			`<p>A self-signed certificate will be generated and installed, to view the certificate:<br><code>certutil -store -user my</code></p>`
			`<p>To export in DER format (intermediate step for conversion to PEM)<br><code>certutil -user -store -split my SERIALNUMBER YOURDER.crt</code></p>`
			`<p>Converting to PEM (used for setting the webhook)<br><code>certutil -encode YOURDER.crt YOURPEM.cer</code></p>`
			`<p>To delete a certificate from your store:<br><code>certutil -delstore -user my SERIALNUMBER</code> (from view)</p>`
			`<p>To export in PFX(PKCS12) format<br><code>certutil -exportpfx -user YOURDOMAIN.EXAMPLE YOURPKCS.pfx NoChain</code></p>`
			`<blockquote>`
			`<p>More information: https://technet.microsoft.com</p>`
			`</blockquote>`
			`<p>Converting YOURPKCS.pfx to PEM including the private key is best done with OpenSSL:<br><code>openssl pkcs12 -in YOURPKCS.pfx -out YOURPEM.cer</code></p>`
			`<p>Remember that only the public key is needed as input for the self-signed webhook certificate parameter. certmgr.msc can also be used as a GUI to export the public part of self-signed certificates to PEM.</p>`
			`</div>`

			`</div>`

			`</div>`
			`</div>`
			`<div class="footer_wrap">`
			`<div class="footer_columns_wrap footer_desktop">`
			`<div class="footer_column footer_column_telegram">`
			`<h5>Telegram</h5>`
			`<div class="footer_telegram_description"></div>`
			`Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed.`
			`</div>`

			`<div class="footer_column">`
			`<h5><a href="//telegram.org/faq">About</a></h5>`
			`<ul>`
			`<li><a href="//telegram.org/faq">FAQ</a></li>`
			`<li><a href="//telegram.org/blog">Blog</a></li>`
			`<li><a href="//telegram.org/jobs">Jobs</a></li>`
			`</ul>`
			`</div>`
			`<div class="footer_column">`
			`<h5><a href="//telegram.org/apps#mobile-apps">Mobile Apps</a></h5>`
			`<ul>`
			`<li><a href="//telegram.org/dl/ios">iPhone/iPad</a></li>`
			`<li><a href="//telegram.org/dl/android">Android</a></li>`
			`<li><a href="//telegram.org/dl/wp">Windows Phone</a></li>`
			`</ul>`
			`</div>`
			`<div class="footer_column">`
			`<h5><a href="//telegram.org/apps#desktop-apps">Desktop Apps</a></h5>`
			`<ul>`
			`<li><a href="//desktop.telegram.org/">PC/Mac/Linux</a></li>`
			`<li><a href="//macos.telegram.org/">macOS</a></li>`
			`<li><a href="//telegram.org/dl/web">Web-browser</a></li>`
			`</ul>`
			`</div>`
			`<div class="footer_column footer_column_platform">`
			`<h5><a href="//core.telegram.org/">Platform</a></h5>`
			`<ul>`
			`<li><a href="//core.telegram.org/api">API</a></li>`
			`<li><a href="//translations.telegram.org/">Translations</a></li>`
			`<li><a href="//instantview.telegram.org/">Instant View</a></li>`
			`</ul>`
			`</div>`
			`</div>`
			`<div class="footer_columns_wrap footer_mobile">`
			`<div class="footer_column">`
			`<h5><a href="//telegram.org/faq">About</a></h5>`
			`</div>`
			`<div class="footer_column">`
			`<h5><a href="//telegram.org/blog">Blog</a></h5>`
			`</div>`
			`<div class="footer_column">`
			`<h5><a href="//telegram.org/apps">Apps</a></h5>`
			`</div>`
			`<div class="footer_column">`
			`<h5><a href="//core.telegram.org/">Platform</a></h5>`
			`</div>`
			`<div class="footer_column">`
			`<h5><a href="https://twitter.com/telegram" target="_blank" data-track="Follow/Twitter" onclick="trackDlClick(this, event)">Twitter</a></h5>`
			`</div>`
			`</div>`
			`</div>`
			`</div>`
Update content of files 2022-01-04 22:25:56 +01:00			`<script src="/js/main.js?43"></script>`
Update content of files 2021-11-14 12:07:17 +01:00
			`<script>backToTopInit("Go up");`
			`removePreloadInit();`
			`</script>`
			`</body>`
			`</html>`