DevOps Buzz
Search…
Bash / Shell
Bitbucket
Distros
Elasticsearch
General
Guidelines / Standards
microk8s
Prometheus
RabbitMQ
VirtualBox
Cheat Sheet

Generate self-signed certificates

Create a config file called ssl.conf.
ssl.conf
1
[ req ]
2
default_bits = 4096
3
distinguished_name = req_distinguished_name
4
req_extensions = req_ext
5
6
[ req_distinguished_name ]
7
countryName = Country Name (2 letter code)
8
countryName_default = CA
9
stateOrProvinceName = State or Province Name (full name)
10
stateOrProvinceName_default = Ontario
11
localityName = Locality Name (eg, city)
12
localityName_default = Toronto
13
organizationName = Organization Name (eg, company)
14
organizationName_default = Your_Company_Name
15
commonName = Common Name (e.g. server FQDN or YOUR name)
16
commonName_max = 64
17
commonName_default = yourdomain.com
18
19
[ req_ext ]
20
subjectAltName = @alt_names
21
22
[alt_names]
23
DNS.1 = anything.yourdomain.com
24
DNS.2 = *.anything.yourdomain.com
Copied!
Then, create a private key.
1
openssl genrsa -out private.key 4096
Copied!
To create the Singing Request, run:
1
openssl req -new -sha256 \
2
-out private.csr \
3
-key private.key \
4
-config ssl.conf
Copied!
Check all info by running:
1
openssl req -text -noout -in private.csr
Copied!
Finally, generate the certificate.
1
openssl x509 -req \
2
-sha256 \
3
-days 3650 \
4
-in private.csr \
5
-signkey private.key \
6
-out private.crt \
7
-extensions req_ext \
8
-extfile ssl.conf
Copied!

Validate SSL handshake

1
openssl s_client -state -nbio -connect https://PUT-SERVER-URL-OR-IP-HERE
Copied!