You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ NAME=mydomain.com # Use your own domain name# Generate a private key
$ openssl genrsa -out $NAME.key 2048
# Create a certificate-signing request
$ openssl req -new -key $NAME.key -config crt.cfg -out $NAME.csr
# Create a config file for the extensions
$ >$NAME.ext cat <<-EOFauthorityKeyIdentifier=keyid,issuerbasicConstraints=CA:FALSEkeyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEnciphermentsubjectAltName = @alt_names[alt_names]DNS.1 = $NAME # Be sure to include the domain name here because Common Name is not so commonly honoured by itselfDNS.2 = bar.$NAME # Optionally, add additional domains (I've added a subdomain here)IP.1 = 192.168.0.13 # Optionally, add an IP address (if the connection which you have planned requires it)EOF# Create the signed certificate
$ openssl x509 -req -in $NAME.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
-out $NAME.crt -days 825 -sha256 -extfile $NAME.ext