Skip to main content Logo (IEC resistor symbol) logo

Quis custodiet ipsos custodes?
Home | About | All pages | RSS Feed | Gopher

OpenSSL One liner to create self signed certificate

Published: 09-10-2013 | Author: Remy van Elst | Text only version of this article

Table of Contents

If you like this article, consider sponsoring me by trying out a Digital Ocean VPS. With this link you'll get $100 credit for 60 days). (referral link)

This is a one liner for OpenSSL to generate a self signed certificate and private key.

openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 356

This is the output. Fill it in as required:

Generating a 2048 bit RSA private key
writing new private key to 'key.pem'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Zuid Holland
Locality Name (eg, city) []:Rotterdam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling Network
Organizational Unit Name (eg, section) []:QA
Common Name (e.g. server FQDN or YOUR name) []
Email Address []:

If you want a password on the private key, remove the -nodes option.

Tags: certificates , csr , openssl , pki , private-key , public-key , snippets , ssl