Skip to main content

Raymii.org Logo (IEC resistor symbol)logo

Quis custodiet ipsos custodes?
Home | About | All pages | RSS Feed | Gopher

OpenSSL One liner to create self signed certificate

Published: 09-10-2013 | Author: Remy van Elst | Text only version of this article


Table of Contents


If you like this article, consider sponsoring me by trying out a Digital OceanVPS. With this link you'll get $100 credit for 60 days). (referral link)

This is a one liner for OpenSSL to generate a self signed certificate andprivate key.

openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 356

This is the output. Fill it in as required:

Generating a 2048 bit RSA private key......................+++....................................+++writing new private key to 'key.pem'-----You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [AU]:NLState or Province Name (full name) [Some-State]:Zuid HollandLocality Name (eg, city) []:RotterdamOrganization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling NetworkOrganizational Unit Name (eg, section) []:QACommon Name (e.g. server FQDN or YOUR name) []:example.sparklingnetwork.nlEmail Address []:

If you want a password on the private key, remove the -nodes option.

Tags: certificates, csr, openssl, pki, private-key, public-key, snippets, ssl