Skip to main content

Raymii.org Raymii.org Logo

Quis custodiet ipsos custodes?
Home | About | All pages | Cluster Status | RSS Feed | Gopher

OpenSSL One liner to create self signed certificate

Published: 09-10-2013 | Author: Remy van Elst | Text only version of this article


❗ This post is over seven years old. It may no longer be up to date. Opinions may have changed.

Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.

You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $100 credit for 60 days.

This is a one liner for OpenSSL to generate a self signed certificate and private key.

openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 356

This is the output. Fill it in as required:

Generating a 2048 bit RSA private key
......................+++
....................................+++
writing new private key to 'key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Zuid Holland
Locality Name (eg, city) []:Rotterdam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling Network
Organizational Unit Name (eg, section) []:QA
Common Name (e.g. server FQDN or YOUR name) []:example.sparklingnetwork.nl
Email Address []:

If you want a password on the private key, remove the -nodes option.

Tags: certificates , csr , openssl , pki , private-key , public-key , snippets , ssl