Replace the self-signed SSL certificate in EcoStruxure IT Gateway

Hi Community,

Seeking some advise and would like to know if anyone has managed to successfully implemented this.

EIT Gateway v.1.24 installed on Windows Server on LAN.

Trying to figure out how to complete self-sign the CSR generated from this guide here:

https://community.se.com/t5/Troubleshooting/How-to-replace-the-self-signed-SSL-certificate-in-EcoStr...

I have managed to get to step: 

Create a certificate signing request and a new SSL certificate signed by a trusted CA

Type the command:
"C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -certreq -alias dcos -keystore dcos.keystore -file newSxOnGW.csr

I have the "newSxOnGW.csr" file in the \keystore folder generated fine.

however the below values are not prompted when executing the above command

Enter the required values when prompted. The first value must match the hostname or FQDN (Fully Qualified Domain Name) of the server where EcoStruxure IT Gateway is installed.

Furthermore the steps below which is after the above steps:

Import the Root CA and Web Server SSL certificates to the EcoStruxure IT Gateway keystore

Copy rootca.crt and newSxOnGW.crt to the machine where EcoStruxure IT Gateway is installed.

I am using OpenSSL on Windows, could someone provide some information on how to generate .crt and rootca.crt from the newSxOnGW.csr so I can continue with the steps 3 and onwards ?

Many thanks