Skip to content

Instantly share code, notes, and snippets.

@fkurz

fkurz/self-signed-certificate-key-pair-localhost.md

Last active February 16, 2019 20:15
Show Gist options
  • Save fkurz/1d8a23a4cc6eaea6206bc6aa29f70691 to your computer and use it in GitHub Desktop.
Save fkurz/1d8a23a4cc6eaea6206bc6aa29f70691 to your computer and use it in GitHub Desktop.
Download ZIP
Snippet: How to create a self-signed certificate and key pair for localhost
Raw
self-signed-certificate-key-pair-localhost.md

The Let's Encrypt website covers this topic in depth. Using the right config values is key. openssl simplifies the cert creation.

echo -n "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth" > /tmp/ssl-config
openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 365 -keyout /etc/ssl/server.key -out /etc/ssl/server.crt -subj '/CN=localhost' -extensions EXT -config /tmp/ssl-config

Note: We create a temporary config file to use as the -conf parameter instead of using process substitution (-conf <(...)) because of better compatibility.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment