Now replaced by Lets Encrypt, however this is how I use to do it:
- https://blog.cloudflare.com/universal-ssl-encryption-all-the-way-to-the-origin-for-free/
- https://blog.cloudflare.com/introducing-cfssl/
- https://github.com/cloudflare/cfssl/wiki/Creating-a-new-CSR
export c_name="bevry"
export c_json="../${c_name}.json"
export c_cert="${c_name}-cert.pem"
export c_key="${c_name}-key.pem"
export c_hostname="${c_name}.me"
# cfssl genkey $c_json | cfssljson -bare ca
# cfssl gencert -initca $c_json | cfssljson -bare ca
# cfssl gencert -ca $c_cert -ca-key $c_key $c_hostname $c_json | cfssljson -bare caCouldn't figure out how to get this method to work:
https://sideofgeek.wordpress.com/2008/01/08/creating-a-certificate-with-multiple-hostnames/
export c_name="forum"
export c_csr="${c_name}.csr"
export c_key="${c_name}.key"
export c_crt="${c_name}.crt"
openssl req -nodes -newkey rsa:2048 -keyout $c_key -out $c_csr
openssl x509 -req -in $c_csr -signkey $c_key -out $c_crtGenerating a 2048 bit RSA private key... writing new private key to 'myserver.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:Western Australia
Locality Name (eg, city) []:Perth
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Bevry Pty Ltd
Organizational Unit Name (eg, section) []:Bevry Leadership Team
Common Name (e.g. server FQDN or YOUR name) []:discuss.bevry.me
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
string is too long, it needs to be less than 20 bytes long
A challenge password []:
An optional company name []: