Creating Self Signed SSL Server Certificate with OpenSSL - dogtagpki/pki GitHub Wiki

Creating Self-Signed SSL Server Certificate

To create a certificate with RSA key:

$ openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -days 365 \
    -subj "/CN=$HOSTNAME" \
    -keyout sslserver.key \
    -out sslserver.crt

To create a certificate with ECC key:

$ openssl ecparam \
    -genkey \
    -name prime256v1 \
    -out sslserver.eckey
$ openssl pkcs8 \
    -topk8 \
    -nocrypt \
    -in sslserver.eckey \
    -out sslserver.key
$ openssl req \
    -new \
    -x509 \
    -nodes \
    -days 365 \
    -subj "/CN=$HOSTNAME" \
    -key sslserver.key \
    -out sslserver.crt

See Also

Generating SSL Server Certificate

Tip	To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.

⚠️ GitHub.com Fallback ⚠️