Skip to content

Instantly share code, notes, and snippets.

@balupton balupton/
Last active Jun 3, 2017

What would you like to do?
Create a SSL Certificate

Now replaced by Lets Encrypt, however this is how I use to do it:



export c_name="bevry"
export c_json="../${c_name}.json"
export c_cert="${c_name}-cert.pem"
export c_key="${c_name}-key.pem"
export c_hostname="${c_name}.me"

# cfssl genkey $c_json | cfssljson -bare ca
# cfssl gencert -initca $c_json | cfssljson -bare ca
# cfssl gencert -ca $c_cert -ca-key $c_key $c_hostname $c_json | cfssljson -bare ca

Couldn't figure out how to get this method to work:

Open SSL

export c_name="forum"
export c_csr="${c_name}.csr"
export c_key="${c_name}.key"
export c_crt="${c_name}.crt"
openssl req -nodes -newkey rsa:2048 -keyout $c_key -out $c_csr
openssl x509 -req -in $c_csr -signkey $c_key -out $c_crt
Generating a 2048 bit RSA private key... writing new private key to 'myserver.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:Western Australia
Locality Name (eg, city) []:Perth
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Bevry Pty Ltd
Organizational Unit Name (eg, section) []:Bevry Leadership Team
Common Name (e.g. server FQDN or YOUR name) []
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
string is too long, it needs to be less than  20 bytes long
A challenge password []:
An optional company name []:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.