Creating an SSL key, CSR and self-signed cert


cd /etc/pki/tls
cd private
openssl genrsa -des3 -out `hostname`.key 1024
  # password: whatever you want


# TO MAKE IT HAVE NO PASSPHRASE (optional):
cp `hostname`.key `hostname`.key.orig
openssl rsa -in `hostname`.key.orig -out `hostname`.key

# MAKE THE CSR
cd ../csr
openssl req -new -key ../private/`hostname`.key -out `hostname`.csr
  # answer the questions

# MAKE THE SELF-SIGNED CERT:
cd ../certs
openssl x509 -req -days 1800 -in ../csr/`hostname`.csr -signkey ../private/`hostname`.key -out `hostname`.crt

Comments are closed.