Howto: Self Signed SSL Certificates

2004-12-13 19:43 - Tech

I wrote a series of separate howto guides just the other day. They were generally bad, and I removed them. I happened to find not much later another online guide that was just plain great, and ended up being much more helpful. Set files up as this Self Signed Certs guide tells you to. Also make a directory called cert. Then you can use these two quickie scripts to further automate the process:

makecert.sh

#!/bin/sh
openssl req -new -nodes -out req.pem -config ./openssl.cnf
openssl ca -out cert.pem -config ./openssl.cnf -infiles req.pem
mv cert.pem tmp.pem
openssl x509 -in tmp.pem -out cert.pem
cat key.pem cert.pem >key-cert.pem
mv cert.pem key.pem key-cert.pem req.pem cert

viewcert.sh

#!/bin/bash
openssl x509 -in cert/cert.pem -noout -text -purpose | less

Enjoy! I have a just-in-case unauthorized mirror of that document as well.

Comments:

No comments!

Post a comment:

Username
Password
  If you do not have an account to log in to yet, register your own account. You will not enter any personal info and need not supply an email address.
Subject:
Comment:

You may use Markdown syntax in the comment, but no HTML. Hints:

  • An empty line between text will create a paragraph boundary.
  • Use angle braces around a plain URL to auto-link it: <http://www.example.com/>.
  • Use this format to create a link with different text showing: [An Example](http://www.example.com/).
  • Use backticks (``), not leading spaces to enclose a code block.

If you are attempting to contact me, ask me a question, etc, please send me a message through the contact form rather than posting a comment here. Thank you. (If you post a comment anyway when it should be a message to me, I'll probably just delete your comment. I don't like clutter.)