How to create self-signed certificate?

Self-signed certificates can be used to secure some web pages, like the web administration console, However, it is not recommended for a public web site, like a eCommerce web site. When you use a self-signed certificate, the browser will ask the user whether to accept the certificate or not as self-signed certificates are not trusted by the browser. You should follow the following step to create a self signed certificate.

  1. Create a one year self-signed certificate with the command,
openssl req -new -x509 -key server.key -out server.crt -days 365

You will be asked for more information about your organization and web site. Please give correct information. You should give valid domain names of your web site when you are asked for Common Name but not any aliases. To determine the valid domain name, you can use commands such as nslookup, dig or host. For example, if the web site can be accessed via both http://foo.bar and http://www.foo.bar, usually foo.bar is the valid domain name (canonical name), www.foo.bar is an alias; foo.bar should be used for the Common Name.

  • Admin
  • Last modified: 2017/04/21 13:15
  • by Michael Alegre