create a self signed wildcard ssl cert for testing with nginx.conf example

just change out app_name for your purposes

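# Generate a 2048-bit RSA private key
openssl genrsa 2048 > app_name-wildcard.key

# Create the self-signed certificate, valid for 10 years, signed with SHA-256 (SHA-1 is no longer collision-resistant)
openssl req -new -x509 -nodes -sha256 -days 3650 -key app_name-wildcard.key > app_name-wildcard.cert

# Common Name (eg, your name or your server's hostname) []:*.app_name.com

# Optional: write the fingerprint and decoded certificate to a text file for reference
openssl x509 -noout -fingerprint -text < app_name-wildcard.cert > app_name-wildcard.info

# Bundle certificate and private key into a single PEM file
cat app_name-wildcard.cert app_name-wildcard.key > app_name-wildcard.pem

# Both files contain the private key, so restrict them to the owner
chmod 600 app_name-wildcard.key app_name-wildcard.pem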

example nginx conf below

# SSL

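server {
	# "ssl on;" is deprecated since nginx 1.15.0 and was later removed;
	# enable TLS with the ssl parameter of listen instead
	listen 443 ssl;
	server_name *.app_name.com;

	ssl_certificate      /etc/nginx/ssl/app_name-wildcard.pem;
	ssl_certificate_key  /etc/nginx/ssl/app_name-wildcard.key;
	ssl_session_timeout  5m;

}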
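
A certificate for `*.app_name.com` does not match the bare `app_name.com`, and current browsers match hostnames against subjectAltName rather than the Common Name. The script below is an added example, not part of the original gist: it issues a self-signed test certificate whose SAN lists both names. The function names and the generated config file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: self-signed test cert covering the bare domain and its
# one-level wildcard via subjectAltName. Function names are illustrative.

# make_wildcard_cert NAME DOMAIN [OUTDIR]
# Writes NAME-wildcard.key and NAME-wildcard.cert into OUTDIR.
make_wildcard_cert() {
  name=$1 domain=$2 outdir=${3:-.}
  key="$outdir/$name-wildcard.key"
  cert="$outdir/$name-wildcard.cert"
  cnf=$(mktemp) || return 1

  # Non-interactive request config; the SAN list is what clients match.
  cat > "$cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_san
prompt = no
[dn]
CN = *.$domain
[v3_san]
subjectAltName = DNS:$domain, DNS:*.$domain
EOF

  # umask makes the key owner-readable only from the moment it is created.
  ( umask 077 && openssl genrsa -out "$key" 2048 2>/dev/null ) &&
  openssl req -new -x509 -sha256 -days 3650 \
    -key "$key" -config "$cnf" -out "$cert"
  rc=$?
  rm -f "$cnf"
  return $rc
}

# cert_covers CERT HOST: succeeds if OpenSSL's hostname check accepts HOST.
cert_covers() {
  openssl x509 -in "$1" -noout -checkhost "$2" 2>&1 |
    grep -q 'does match certificate'
}
```

Call it as `make_wildcard_cert app_name app_name.com /etc/nginx/ssl`, then use `cert_covers` to confirm which hostnames the result is valid for before pointing nginx at it.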
@kcivey

kcivey commented Feb 13, 2014

What is the point of generating the .info file? Where is it used?

@minimul

minimul commented May 30, 2014

Thanks for sharing. Worked without a hitch.

@iandunn

iandunn commented Aug 5, 2017

Looks like this was just copied from a post on blog.celgeek.com. The comments there don't explain why the .info file is generated either.

@jack828

jack828 commented Dec 19, 2017

Judging from the guide on IBM's Knowledge Center, the .info file just contains the certificate's information - creating it is not necessary.

@katlimruiz

what if I want naked and wildcard domain?

@devenpateldp

I follow same steps.

I am getting an error with a yellow mark and an exception when I open it. I go to the certificate view in the browser and it shows me: This website does not supply ownership information.

so is there any solution??? I wanted to use wildcard domain enter for local service use only.

@progmars

> I wanted to use wildcard domain enter for local service use only.

And you can use it, but it will not be securely accepted by browsers because it is self-signed.
Ownership error can be ignored - it's usually about EV (Extended Validation), which usually costs additional money for real certificates and is certainly not an option at all for self-signed certificates.
