How to create self signed ssl certificate, easy steps

 These are the ready commands to create self-signed SSL certificate. These certificates can be used for testing purposes. For a production-grade application, you need to contact a CA authority to get the actual SSL certificate. But for your internal testing, you can always use a self-signed SSL certificate. 


Here are the steps to create a Self Signed SSL certificate using OpenSSL


# generate self sigend ssl certificate


rm -rf *.pem


echo "Generating CA certificates"

# Step 1: generate CAs certificate

openssl req -x509 -newkey rsa:4096 -days 365 -keyout ca-key.pem -out ca-cert.pem -subj "/C=IN/ST=kartnataka/L=bangalore/O=test/OU=test/CN=*.test.com/emailAddress=test@test"

#inspect the CAs certificate

#openssl x509 -in ca-cert.pem -noout -text


# Step 2 generate server sign request certificate which will be used for self signing. Change the subject to as per web server


echo "Generating Server certificate sign request"

openssl req  -newkey rsa:4096 -keyout server-key.pem -out server-req.pem -subj "/C=IN/ST=kartnataka/L=bangalore/O=sever/OU=server/CN=*.server.com/emailAddress=server@test"


#openssl x509 -in server-req.pem -noout -text

# Step 3 Sign certificate


echo "Signing the server certificate with CA"

openssl x509 -req -in server-req.pem -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-signed-cert.pem


# Inspect the signed certificate


#openssl x509 -in server-signed-cert.pem -noout -text

FREE 50 Linux Interview Questions and Answers for Beginner Level

Desclainer: Please note that the answers to these questions are correct to my knowledge. Please feel free to comment if you find any incorre...