HOWTO: Create a self-signed (wildcard) SSL certificate

The following commands are all you need to create a self-signed (wildcard, if you want) SSL certificate:

mkdir /usr/share/ssl/certs/hostname.domain.com
cd /usr/share/ssl/certs/hostname.domain.com
(umask 077 && touch host.key host.cert host.info host.pem)
openssl genrsa 2048 > host.key
openssl req -new -x509 -nodes -sha256 -days 3650 -key host.key > host.cert
...[enter *.domain.com for the Common Name]...
openssl x509 -noout -fingerprint -text < host.cert > host.info
cat host.cert host.key > host.pem
chmod 400 host.key host.pem
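
A variant of the commands above, as an added example that is not part of the original post: it lists both the wildcard and the bare domain in subjectAltName, signs with SHA-256, and uses `openssl x509 -checkhost` to confirm which names the certificate covers. It assumes OpenSSL 1.1.1 or newer (for `req -addext`); `example.test` and the function names are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes OpenSSL 1.1.1 or newer
# for `req -addext`; "example.test" is a constructed placeholder domain.

# make_wildcard_cert DOMAIN DIR
# Writes host.key and host.cert in DIR. The certificate names both
# *.DOMAIN and DOMAIN in subjectAltName and is signed with SHA-256.
make_wildcard_cert() {
    domain=$1 dir=$2
    mkdir -p "$dir" || return 1
    (
        cd "$dir" || exit 1
        umask 077                      # key is never group/world readable
        openssl genrsa -out host.key 2048 2>/dev/null || exit 1
        openssl req -new -x509 -sha256 -days 3650 -key host.key \
            -subj "/CN=*.$domain" \
            -addext "subjectAltName=DNS:*.$domain,DNS:$domain" \
            -out host.cert || exit 1
        chmod 400 host.key
    )
}

# cert_matches CERT HOSTNAME
# Succeeds only if OpenSSL's hostname check accepts HOSTNAME for CERT.
cert_matches() {
    openssl x509 -noout -checkhost "$2" -in "$1" |
        grep -q 'does match certificate'
}

# Demo in a throwaway directory: a wildcard matches exactly one label,
# so the bare domain is covered only because it is listed separately.
demo_dir=$(mktemp -d)
make_wildcard_cert example.test "$demo_dir"
for name in www.example.test example.test a.b.example.test; do
    if cert_matches "$demo_dir/host.cert" "$name"; then
        echo "$name: covered"
    else
        echo "$name: NOT covered"
    fi
done
rm -rf "$demo_dir"
```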

5 Comments

  1. Denny says:

    Thanks for this and the SSL imap/smtp post.

  2. [...] Basic instructions for setting up ssl certificates can be found at Just Samuels blog post HOWTO: Create a self-signed (wildcard) SSL certificate [...]

  3. Just a note: It covers all the subdomains but not domain.com

  4. Carl says:

    Thanks, Justin. I’ve read that this sort of thing is easily found. It took me a lot of searching. Easy to do, unless you have to do it by the manual.

  5. Pet Pixels says:

    The web developer’s holy vhost trinity…

    When you’re developing web stuff, working with projects in path names (i.e. not at the top level of a domain) can be difficult to work with, so you often need to set up a local apache virtual host, stick an entry in DNS and create an SSL certificate b…
