Self-signed certificates can be used to secure some web pages, like the web administration console, However, it is not recommended for a public web site, like a eCommerce web site. When you use a self-signed certificate, the browser will ask the user whether to accept the certificate or not as self-signed certificates are not trusted by the browser. You should follow the following step to create a self signed certificate.
openssl req -new -x509 -key server.key -out server.crt -days 365
You will be asked for more information about your organization and web site. Please give correct information. You should give valid domain names of your web site when you are asked for Common Name but not any aliases. To determine the valid domain name, you can use commands such as nslookup, dig or host. For example, if the web site can be accessed via both http://foo.bar
and http://www.foo.bar
, usually foo.bar
is the valid domain name (canonical name), www.foo.bar
is an alias; foo.bar
should be used for the Common Name.