How to create a self signed ssl certificate
You want to test out your SSL app, but you don’t have a cert. Just make one. This post was pretty much ripped from Heroku.
If you are using a Windows box, I suggest you google.
For all others, open your favorite terminal program and type:
$ which openssl || echo "I have's none!" # should return /path/to/openssl
If you haves none, install openssl, like so:
$ [sudo] apt-get install openssl
Mac OS X, use brew:
$ brew install openssl
Get that key and signing request
Copy-pasta the following commands. Filled out the data as you wish. When you are asked for a “challenge password ”, hit return, leaving the password empty.
NOTE: I used backslashes to blog readability, only.
$ openssl genrsa -des3 -passout pass:x \ -out server.pass.key 2048 $ openssl rsa -passin pass:x -in server.pass.key -out \ server.key $ rm server.pass.key $ openssl req -new -key server.key -out server.csr
Get that cert
Generate the seif-signed certificate using the certificate signing request server.csr and the private key server.key
$ openssl x509 -req \ -days 365 \ -in server.csr \ -signkey server.key \ -out server.crt
Pem Pem Pem goes the trolley
For some uses, like, say,
Using ELB as an SSL termination proxy,
you will need to create a
This is is straight forward for our needs, just cat them thangs:
cat server.key server.crt > server.pem
blog comments powered by Disqus