How to create a Self-Signed SSL Certificate with OpenSSL

OpenSSL is an open-source implementation of the SSL and TLS protocols. OpenSSL can be used to create your own Self Signed SSL certificates which can be used with your website. In this tutorial we are going to show you how to create a SSL certificate in Ubuntu. Here I am using Ubuntu Linux 13.10 distribution.

Steps to create a Self-Signed SSL Certificate

1.OpenSSL is pre installed in almost all Linux distributions. Check OpenSSL is installed by typing the command.
openssl version
Selection_010It will show you present openssl version. If OpenSSL is not present install it using the command
sudo apt-get install openssl
2. Now enter into the Terminal as root by typing
sudo -su
Then type your password.
3. In this step we are going to create a private key with a password. Type the command
openssl genrsa -des3 -out learn2crack.key 1024
Selection_011It will ask for a pass phrase. Enter a passphrase to continue. If you need 2048 bit encryption replace 1024 with 2048. Here I have created the key as learn2crack.key , Use your prefered name for the key.
4. Next step is to create a CSR which is Certificate Signing Request. Enter the command to create CSR
openssl req -new -key learn2crack.key -out learn2crack.csr
Selection_012Enter the details required and finally you will find a .csr file in your directory.
5. This step is to sign your certificate. Enter the following command
openssl x509 -req -days 365 -in learn2crack.csr -signkey learn2crack.key -out learn2crack.crt
Selection_013Here 365 is the number of days the certificate is valid for. Finally you will find a crt file which can be used with your website.

Creating PEM file

PEM is a container which contains both private key and Certificate Signing Request. Use the command to create PEM
cat learn2crack.key learn2crack.crt > learn2crack.pem

Creating pk8

pk8 is a file which contains the private key which can be useful when signing Android APK using SignAPK. Use the command to create pk8 file from PEM file
openssl pkcs8 -topk8 -outform DER -in learn2crack.pem -inform PEM -out key.pk8 -nocrypt
Selection_014Note: Using Self Signed certificates with your website shows warning in browsers. Use it for your personal purpose. Any questions comment here.

Comments

Post a Comment