Creating SSL certificate using Openssl for localhost to use https on local machine

create ssl certificate openssl for local https.txt

Setting Up A Localhost Self-signed Certificate (SSL) For Local Https
==========================================================================


- GENERATE THE CERTIFICATE

# 1. generate key 

- create an 'ssl' folder somewhere 
- cd to it

openssl genrsa -des3 -out codertoon.key 2048

[provide a passphrase]


# 2. create CSR 

openssl req -new -key codertoon.key -out codertoon.csr

[enter passphrase]

- enter details
- leave challenge pass blank

- Common Name: *.secure.dev (for a subdomain wildcard on your localhost domain)



# 3. generate the certificate

openssl x509 -req -days 1825 -in codertoon.csr -signkey codertoon.key -out codertoon.crt

[enter passphrase]


# 4. remove passphrase (or server will ask on every reboot)

cp codertoon.key codertoon.tmp

openssl rsa -in codertoon.tmp -out codertoon.key

[enter passphrase]

# 5. Add certificate to your local keychain.  (Stops browser 'red lock' on slf-signed certificate)

- Double-click the CRT file  (Keychain assitant should open)
- Click Install Certificate
- Choose Trusted Root Certification Authorities

# 6. Converting your .crt certificate to .pfx certificate

openssl pkcs12 -export -out codertoon.pfx -inkey codertoon.key -in codertoon.crt

# 7. To include certificate in IIS (Windows)
- Goto IIS Manager
- Click on your Server and choose Server Certificates under IIS tab
- Import codertoon.pfx certificate from it's saved location
- Choose your website and edit basic bindings and choose https and your certificate to proceed.
- Run your website.

[Important Note: Your website hostname and Common name for the ssl should be same to make it work.]