How to create a self-signed certificate ?

  • Private key generation:
    openssl genrsa -out ./server.key 1024
  • Public key (certificate) generation:
    openssl req -new -key ./server.key -x509 -days 3650 -out ./server.crt

    (3650 means ten years of validity)

  • View the certificate content (human read):
    openssl x509 -in server.crt -text -noout
  • Then you can use this certificat for example in your apache serveur to handle HTTPS urls :
        SSLEngine On
        SSLCertificateFile    /etc/apache2/ssl/server.crt
        SSLCertificateKeyFile /etc/apache2/ssl/server.key


Enter your comment

Recent changes RSS feed Valid XHTML 1.0 Valid CSS Driven by DokuWiki