Below is how to generate a self signed certificate for Mendix Outgoing Connections. This procedure does not include authority certs. Java will kick back for generating self signed certs. You’ll need a certificate authority. Below are notes of the process for self signed.
Generate Private Key.
openssl genrsa 2048 > mxoutgoing.key
Generate Certificate Signing Request.
openssl req -new -key ./mxoutgoing.key > mxoutgoing.csr
Use CSR to generate certificate and sign with private key.
Note: Common Name should contain the domain intended to use.
openssl x509 -in mxoutgoing.csr -out mxoutgoing.crt -req -signkey mxoutgoing.key -days 365
Create the pfx container using the Certificate, Key, and encrypt the container.
openssl pkcs12 -export -out mxoutcert.pfx -inkey mxoutgoing.key -in mxoutgoing.crt