Creating Self Signed SSL Server Certificate with Keytool - dogtagpki/pki GitHub Wiki

Creating Self-Signed SSL Server Certificate

To generate a certificate with RSA key:

$ keytool \
    -genkeypair \
    -keystore keystore.p12 \
    -storetype pkcs12 \
    -storepass Secret.123 \
    -alias sslserver \
    -dname "CN=$HOSTNAME" \
    -keyalg RSA \
    -keypass Secret.123

To generate a certificate with ECC key:

$ keytool \
    -genkeypair \
    -keystore keystore.p12 \
    -storetype pkcs12 \
    -storepass Secret.123 \
    -alias sslserver \
    -dname "CN=$HOSTNAME" \
    -keyalg EC \
    -keypass Secret.123

See Also

⚠️ **GitHub.com Fallback** ⚠️