OpenSSL - Self-signed certificate
Creation of a self-signed certificate using OpenSSL
The tool OpenSSL can be used to create a self-signed certificate. However, it is important to note that a self-signed certificate won't be trusted by most browsers.
A Certificate Signing Request (CSR) aim to ask a trusted authority for a digital certificate.
A Certificate Signing Request usually includes:
Subject name
Company name
Organization
Organization unit
Common name
Email
Public key of the requester (this require the requester to previously generate a key pair)
OpenSSL allows us to make a CSR using a simple one liner.
The command below creates a x509 certificate using a 4096 bits key. This key will be encrypted using the SHA-1 algorithm.
Then, we are prompted to choose a passphrase that will be used to encrypt data and any others information included in the CSR.
Last updated