Total Pageviews

Saturday, February 03, 2007

Creating a SSL-certificate for a server

If someone is in need of 
creating SSL certificates for his 
server (eg. at home), he might find
the following script very helpful.


echo Delete old private key
echo Create new private/public-keys without passphrase for server
openssl genrsa -out $PRIVATE_KEY 1024

echo Create selfsigned certificate
# From man req:
#  -x509
#    this option outputs a self signed certificate instead
#    of a certificate request. This is typically used to
#    generate a test certificate or a self signed root CA.
#    The extensions added to the certificate (if any) are
#    specified in the configuration file.

openssl req -new         -days $VALID_DAYS         -key $PRIVATE_KEY         -x509         -out $CERTIFICATE_FILE

echo private-keyfile is $PRIVATE_KEY
echo server-certificate-file is $CERTIFICATE_FILE


Update: There is a short way in generating a new SSL certificate for your home box:
sudo make-ssl-cert generate-default-snakeoil --force-overwrite
This works on my Ubuntu box.

No comments:

Post a Comment