PHP Nginx PHP-FPM Dev Ops Tips and How-Tos: Generate self signed self-signed signing certificate

Sunday, February 1, 2015

Generate self signed self-signed signing certificate

Step 1 : Generate Secure Key

openssl genrsa -des3 -out <your_domain_name>.key 2048

Step 2 : Generate Insecure Key

openssl rsa -in <your_domain_name>.key -out <your_domain_name>.key.insecure

mv <your_domain_name>.key <your_domain_name>.key.secure

mv <your_domain_name>.key.insecure <your_domain_name>.key

Step 3 : Generate CSR (certificate request)

openssl req -new -key <your_domain_name>.key -out <your_domain_name>.csr

Step 4 : Generate Certificate

openssl x509 -req -days 365 -in <your_domain_name>.csr -signkey <your_domain_name>.key -out <your_domain_name>.crt

Tip:

It is good practice to store your keys (.key.insecure) & (.key) in separate directory from your certificate files. For example if you are using Debian I recommend storing your keys in /etc/private/ssl directory.

PHP Nginx PHP-FPM Dev Ops Tips and How-Tos