How to create self signed ssl certificate, easy steps

 These are the ready commands to create self-signed SSL certificate. These certificates can be used for testing purposes. For a production-grade application, you need to contact a CA authority to get the actual SSL certificate. But for your internal testing, you can always use a self-signed SSL certificate. 


Here are the steps to create a Self Signed SSL certificate using OpenSSL


# generate self sigend ssl certificate


rm -rf *.pem


echo "Generating CA certificates"

# Step 1: generate CAs certificate

openssl req -x509 -newkey rsa:4096 -days 365 -keyout ca-key.pem -out ca-cert.pem -subj "/C=IN/ST=kartnataka/L=bangalore/O=test/OU=test/CN=*.test.com/emailAddress=test@test"

#inspect the CAs certificate

#openssl x509 -in ca-cert.pem -noout -text


# Step 2 generate server sign request certificate which will be used for self signing. Change the subject to as per web server


echo "Generating Server certificate sign request"

openssl req  -newkey rsa:4096 -keyout server-key.pem -out server-req.pem -subj "/C=IN/ST=kartnataka/L=bangalore/O=sever/OU=server/CN=*.server.com/emailAddress=server@test"


#openssl x509 -in server-req.pem -noout -text

# Step 3 Sign certificate


echo "Signing the server certificate with CA"

openssl x509 -req -in server-req.pem -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-signed-cert.pem


# Inspect the signed certificate


#openssl x509 -in server-signed-cert.pem -noout -text

No comments:

Post a Comment

How to create a self signed SSL certificate and how to use it with your web Server.

SSL certificate is the foremost important aspect of any website. If your website is running without the SSL, the modern browsers will stop t...