Custom WPK packages creation

Get an X509 certificate and CA

To create a WPK package it is required to have an X509 certificate and CA if you already have it jump to the next section, if you don’t, follow these steps:

Create root CA

# openssl req -x509 -new -nodes -newkey rsa:2048 -keyout wpk_root.key -out wpk_root.pem -batch

Create a certificate and key

# openssl req -new -nodes -newkey rsa:2048 -keyout wpkcert.key -out wpkcert.csr -subj '/C=US/ST=CA/O=Wazuh'

Set the location as follows:

  • /C=US is the country.

  • /ST=CA is the state.

  • /O=Wazuh is the organization’s name.

Sign this certificate with the root CA

# openssl x509 -req -days 365 -in wpkcert.csr -CA wpk_root.pem -CAkey wpk_root.key -out wpkcert.pem -CAcreateserial

Build the WPK package

There are two different ways of creating a WPK, you can do it manually or you can use our automated method using docker: