[Archived content from justinsamuel.com]

HOWTO: Create a self-signed (wildcard) SSL certificate

Posted on March 11, 2006, 11:35 pm, by justin, under HOWTOs, Linux.

The following commands are all you need to create a self-signed (wildcard, if you want) SSL certificate:

mkdir /usr/share/ssl/certs/hostname.domain.com
cd /usr/share/ssl/certs/hostname.domain.com
(umask 077 && touch host.key host.cert host.info host.pem)
openssl genrsa 2048 > host.key
openssl req -new -x509 -nodes -sha1 -days 3650 -key host.key > host.cert
...[enter *.domain.com for the Common Name]...
openssl x509 -noout -fingerprint -text < host.cert > host.info
cat host.cert host.key > host.pem
chmod 400 host.key host.pem