Creating Self-Signed Certificate for Web Servers Like Nginx

I’m not sure if I have written this before, but here is how we create a self-signed certificate (without the passphrase) to be used by web servers like Apache or nginx.

Gist – creating self-signed certificate.

openssl genrsa -out server.key 4096
openssl rsa -in server.key -out server.key
openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=example.com'
openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt

# Create pem
cat server.crt server.key > cert.pem

This one works for sub-domains too. PEM creation is added just in case it’s needed.

This entry was posted in Linux and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *