OpenSSL: Create certificate - how it works

Under Linux you can create your own SSL certificate with OpenSSL in a few minutes. You can find out how to do this in this practical tip.

Create SSL certificate with OpenSSL

To create your own SSL certificate, you have to do the following steps in order. Note: Please note that a self-created SSL certificate always generates a warning message in the browser, since it was not signed by an official certification authority

1. First open a terminal and use the "sudo apt-get install openssl" command to install the OpenSSL program.
2. Then use "sudo mkdir / etc / sslzertifikat /" to create an folder in which the later files will be saved.
3. First you have to create a private key with "sudo openssl genrsa -out" /etc/sslzertifikat/beispiel.key "2048". The number "2048" indicates the key length. If you want to generate a more secure key, you can also replace it with "4096".
4. Then you have to create a certification application with "sudo openssl req -new -key" /etc/sslzertifikat/beispiel.key "-out" /etc/sslzertifikat/beispiel.csr "".
5. You will have to answer only one question at a time, such as the country code or the name of your organization. For a self-created certificate you can leave it free except for the most important entry, the "Common Name". Here you have to enter the domain under which your server can later be reached.
6. Finally, with "sudo openssl x509 -req -days 365 -in" /etc/sslzertifikat/beispiel.csr "-signkey" /etc/sslzertifikat/beispiel.key "-out" /etc/sslzertifikat/beispiel.crt "" Generate your self-signed SSL certificate. The number "365" indicates the duration of the validity of your certificate and can be chosen freely.