Self Signed SSL Certificate

When it comes to creating a SSL cert for testing, the best way is to roll your own. Follow these instructions and you’ll have your CRT file in no time.

  1. openssl genrsa -des3 -out website.key 2048
  2. openssl req -new -key website.key -out website.csr
  3. openssl rsa -in website.key -out website.key
  4. openssl x509 -req -days 999 -in website.csr -signkey website.key -out website.crt

Step 1 will create a new key file. You’ll have to enter a passphrase but don’t worry, we’ll remove that in step 3.

Step 2 will produce the CSR file which is the request file you’ll pass on to your SSL CA provider (in this case, that’ll be you).

Step 3 will remove the passphrase you entered for your website.key file. This is necessary as Apache will use it on start up and will halt awaiting your password each time the service is restarted (obviously not what you want).

Step 4 will take the KEY and CSR request file and produce a CRT Certificate file.

Apache typically needs the KEY and CRT file, so you can reference these files in your website.conf file.

Happy encryption!

Tagged with: , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *