Skip to content

Instantly share code, notes, and snippets.

@taoyuan
Last active April 19, 2024 11:23
Show Gist options
  • Star 25 You must be signed in to star a gist
  • Fork 4 You must be signed in to fork a gist
  • Save taoyuan/39d9bc24bafc8cc45663683eae36eb1a to your computer and use it in GitHub Desktop.
Save taoyuan/39d9bc24bafc8cc45663683eae36eb1a to your computer and use it in GitHub Desktop.
Generation of a Self Signed Certificate

Generation of a Self Signed Certificate

Generation of a self-signed SSL certificate involves a simple 3-step procedure:

STEP 1: Create the server private key

openssl genrsa -out cert.key 2048

STEP 2: Create the certificate signing request (CSR)

openssl req -new -key cert.key -out cert.csr

STEP 3: Sign the certificate using the private key and CSR

openssl x509 -req -days 3650 -in cert.csr -signkey cert.key -out cert.crt

Congratulations! You now have a self-signed SSL certificate valid for 10 years.

openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
-subj "/C=GB/ST=London/L=London/O=Global Security/OU=R&D Department/CN=example.com" \
-keyout cert.key -out cert.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment