Skip to main content

OpenSSL One liner to create self signed certificate

Published: 09-10-2013 | Author: Remy van ElstText only version of this article

Table of Contents

This is a one liner for OpenSSL to generate a self signed certificate and private key.

openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 356

This is the output. Fill it in as required:

Generating a 2048 bit RSA private key
writing new private key to 'key.pem'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Zuid Holland
Locality Name (eg, city) []:Rotterdam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling Network
Organizational Unit Name (eg, section) []:QA
Common Name (e.g. server FQDN or YOUR name) []
Email Address []:

If you want a password on the private key, remove the -nodes option.

Tags: certificates  csr  openssl  pki  private-key  public-key  snippets  ssl