How do I create a secure (SSL/Certified) inbound connection to Monetra?

First, make sure you have OpenSSL installed (via RPM or source from Once OpenSSL is installed, create the certificate as you would for an Apache SSL server:

  1. Generate the private key openssl genrsa 2048 >
  2. Generate a CSR from your key openssl req -new -sha256 -key >
  3. Generate a self-signed certificate openssl req -x509 -key -in >

You may use the self-signed certificate to run the Monetra engine, but it is recommended that you purchase a signed certificate from Thawte or Verisign. You will be required to send the the that you generated in Step 2. When you receive your certificate, install it in place of your self-signed cert, and restart the Monetra engine.

Make sure your Key and Certificate are viewable only to the monetra user. Anyone who obtains the Key and Certificate would be able to "impersonate" you!

Note: Both the .key and .crt must be configured in the /etc/monetra/prefs.conf file for SSL communication to take place (of course unless you created a combined key/crt not discussed here)