1. Home
    2. »
  2. General
    3. » How to create self-signed ssl certificate for domain

How to create self-signed ssl certificate for domain

General
admin

enter image description here

Why self-signed certificate? I use "real looking" domain names on a local server using AlmaLinux and need SSL for real life testing.

IMPORTANT: when you see the line below in your terminal / putty, be sure to add your domain name. For Example:

Common Name (eg, your name or your server's hostname) []:example.com

To create a self-signed SSL certificate for example.com, you can follow these steps:

1) Create a private key: Run the following command to create a private key (example.key):

 openssl genrsa -out example.key 2048

This command generates a new RSA private key (example.key) with a key size of 2048 bits.

2) Create a Certificate Signing Request (CSR): Run the following command to create a CSR (example.csr):

 openssl req -new -key example.key -out example.csr

This command will prompt you to enter various details such as your country, state, locality, organization name, common name (domain name), and email address. Make sure to enter davinciaiclub.com as the common name tecadmin.net.

3) Generate the Self-Signed SSL Certificate: Run the following command to generate a self-signed SSL certificate (example.crt):

 openssl x509 -req -days 365 -in example.csr -signkey example.key -out example.crt

This command generates a self-signed SSL certificate (davinciaiclub.crt) that will be valid for 365 days tecadmin.net.

You can specify a longer validity period for your self-signed SSL certificate. However, it's important to note that many browsers and operating systems have moved to a maximum validity period of 397 days (approximately 13 months) for SSL/TLS certificates.

After running these commands, you should have a private key file (example.key), a CSR file (example.csr), and a self-signed SSL certificate file (example.crt). You can then configure your web server to use the example.key and example.crt files for SSL.

Please note that while self-signed SSL certificates can be useful for testing, development, or internal purposes, they will still cause security alerts, BUT you can still use the https:// protocol and make your scripts work correctly.

Tags