H3XED

Create a Self-Signed SSL Certificate using OpenSSL on Windows

May 12, 2017   Programming   Nick Vogt   Comments
Please note that this post is over a year old and may contain outdated information.
This is a simple method for creating a self-signed SSL certificate on Windows. This is useful for testing and development purposes; you shouldn't use a self-signed SSL certificate on a production website.


Get OpenSSL


First make sure you have OpenSSL. It comes with Apache, which you may already have. Here is an example location for the executable in my Apache 2.4 installation:

C:\Program Files\Apache24\bin\openssl.exe
Make sure you have your openssl.exe location in your Windows Path variable so that you can call openssl from anywhere.


Command


Open a command prompt and run this command. Make sure to adjust the location of your openssl.cnf file if needed:

set OPENSSL_CONF=C:\Program Files\Apache24\conf\openssl.cnf

This temporarily sets the OpenSSL config file location.

Now run the command that creates the key and certificate file. Be sure to change FILENAME to something you'd like (I usually name these based on the name of the host).

openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout FILENAME.key -out FILENAME.crt

You will be given several prompts to enter information in. You can leave most blank, but must be sure to enter your host name (usually your domain or subdomain) in the "Common Name" field.

Once done, the key and certificate files will be created in the directory where you opened the command prompt.
Share This Post
Twitter

Comments (0)

Share This Post
Twitter
H3XED © Nick Vogt   RSS   Policies   Twitter