Created
July 26, 2023 03:15
-
-
Save Verfranc/964a7f26b372122322b2f336bfea9c2f to your computer and use it in GitHub Desktop.
CREATE SELF-SIGNED CERTIFICATE ON WINDOWS 10/11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Domain name, passphrase, and password | |
-------------------------------------------------- | |
Domain Name: testsite.dev | |
myca2027: s3creT | |
csr: s3creT | |
export password: s3creT | |
Create the testsite.dev.ext file | |
-------------------------------------------------- | |
file content: | |
authorityKeyIdentifier=keyid,issuer | |
basicConstraints=CA:FALSE | |
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment | |
subjectAltName = @alt_names | |
[alt_names] | |
DNS.1 = testsite.dev | |
DNS.2 = testsite | |
Git Bash Commands | |
----------------------- | |
winpty openssl genrsa -des3 -out myCA2027.key 2048 | |
winpty openssl req -x509 -new -nodes -key myCA2027.key -sha256 -days 1825 -out myCA2027.pem | |
winpty openssl genrsa -out testsite.dev.key 2048 | |
winpty openssl req -new -key testsite.dev.key -out testsite.dev.csr | |
winpty openssl x509 -req -in testsite.dev.csr -CA myCA2027.pem -CAkey myCA2027.key -CAcreateserial -out testsite.dev.crt -days 365 -sha256 -extfile testsite.dev.ext | |
winpty openssl verify -CAfile myCA2027.pem -verify_hostname testsite.dev.crt // hanged/failed | |
winpty openssl pkcs12 -export -out testsite.dev.pfx -inkey testsite.dev.key -in testsite.dev.crt | |
Import certificate to Local Computer Certificates | |
-------------------------------------------------- | |
Import myCA2017.pem to Trusted Root Certification Authorities | |
Import testsite.dev.pfx to Web Hosting |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment