How to create a Self-Signed SSL Certificate with OpenSSL

Ref. https://www.learn2crack.com/2014/02/create-ssl-certificate-openssl.html

OpenSSL is an open-source implementation of the SSL and TLS protocols. OpenSSL can be used to create your own Self Signed SSL certificates which can be used with your website. In this tutorial we are going to show you how to create a SSL certificate in Ubuntu. Here I am using Ubuntu Linux 13.10 distribution.

Steps to create a Self-Signed SSL Certificate

1.OpenSSL is pre installed in almost all Linux distributions. Check OpenSSL is installed by typing the command.

openssl version

It will show you present openssl version. If OpenSSL is not present install it using the command

sudo apt-get install openssl

2. Now enter into the Terminal as root by typing

sudo -su

Then type your password.

3. In this step we are going to create a private key with a password. Type the command

openssl genrsa -des3 -out learn2crack.key 1024

It will ask for a pass phrase. Enter a passphrase to continue. If you need 2048 bit encryption replace 1024 with 2048. Here I have created the key as learn2crack.key , Use your prefered name for the key.

4. Next step is to create a CSR which is Certificate Signing Request. Enter the command to create CSR

openssl req -new -key learn2crack.key -out learn2crack.csr

Enter the details required and finally you will find a .csr file in your directory.

5. This step is to sign your certificate. Enter the following command

openssl x509 -req -days 365 -in learn2crack.csr -signkey learn2crack.key -out learn2crack.crt

Here 365 is the number of days the certificate is valid for. Finally you will find a crt file which can be used with your website.

Creating PEM file

PEM is a container which contains both private key and Certificate Signing Request. Use the command to create PEM

cat learn2crack.key learn2crack.crt > learn2crack.pem

Creating pk8

pk8 is a file which contains the private key which can be useful when signing Android APK using SignAPK. Use the command to create pk8 file from PEM file

openssl pkcs8 -topk8 -outform DER -in learn2crack.pem -inform PEM -out key.pk8 -nocrypt

Note: Using Self Signed certificates with your website shows warning in browsers. Use it for your personal purpose. Any questions comment here.