SSL Notes

Creating a self-signed SSL Certificate

First create an RSA key

openssl genrsa 2048 > foo.key

Then, create a certificate signing request

openssl req -new -key ./foo.key > foo.csr

And finally create the certificate

openssl x509 -req -in foo.csr -out foo.crt -signkey ./2048.key -days 365

Note: -req tells openssl that this is a certificate request that should sign and output

Creating a self-signed certificate in less commands.

There are many different ways to generate keys. Here is another way.

DigitalOcean accomplished the same tasks but in two commands instead.

Generate the private key and certificate

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout foo.key -out foo.crt

Generate the certificate signing request

openssl req -new -key foo.key -nodes -days 365 -out foo.csr

Leave a comment