self signed SSL certificate 1 liner (using openSSL)
There are many ways to generate self signed certificate, but this one is the easiest…
In shell type:
|
1 2 |
sudo su openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.crt -days 999 -nodes |
If you skip -nodes flag, you will be required to enter passphrase every time you restart apache.
Command will generate interactive interface where you will be able to enter basic data about the certificate. Some of the points can be skipped.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
Generating a 2048 bit RSA private key ..................................+++ ..........................................................................................+++ writing new private key to 'key.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:GE State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]:idev LTD Organizational Unit Name (eg, section) []:IT Common Name (e.g. server FQDN or YOUR name) []:*.idev.ge Email Address []:mymail@idev.ge |
If you skip FQDN or enter just name, without specifying domain, you will not be able to add certificate to trusted under chrome.
Leave a Reply