Create selfsigned certificates using OpenSSL on Windows

Sometimes you find yourself in the need to create a SSL certificate when there is no CA available.

In those cases I like to use OpenSSL. OpenSSL is an open source application and is also available for Windows Platform.

To get your own  copy browse to the following link and download the  Win32 OpenSSL v0.9.8y Light or Win64 OpenSSL v1.0.0k Light depending on your Windows version.

Once you have installed OpenSSL creating a selfsigned certificate can be achieved following the below steps:

  • Open a CMD prompt with administrative rights
  • Browse to your OpenSSL directory

OpenSSL Browse to directory

  • Startup OpenSSL

Start-up OpenSSL

  • Create a certificate request and your own private key

req -out rootsecurity.csr -new -newkey rsa:2048 -nodes -keyout rootsecurity.key

Create .csr & .key

  • Provide your country code
  • Provide your Province or State name
  • Provide your City name
  • Provide your Company name
  • Provide a OU name
  • Provide the Common Name! This is the name you like the certificate to use!
  • Optional provide Email address
  • Optional provide a challenge password
  • Optional provide an optional company name

Create .csr & .key - 2

  • Click enter
  • Check you have both a .csr and .key file within the OpenSSL\bin directory

Check .csr & .key

  • Sign your .csr file using your privatekey (In this example the certificate will expire in 365 days)

x509 -req -days 365 -in rootsecurity.csr -signkey RootSecurity.key -out rootsecurity.cer

Sign request

  • Check you have a .cer file within the OpenSSL\bin directory and see it created with the expected common name en expiration date

7

8

  • Create a PFX file by combining the .cer and .key files.

pkcs12 -export -out rootsecurity.pfx -inkey RootSecurity.key -in rootsecurity.cer

Create . pfx file

  • Provide an export password
  • Check you have a .pfx file within the OpenSSL\bin directory

Check .pfx

Geplaatst op juli 21, 2013, in OpenSSL. Markeer de permalink als favoriet. Een reactie plaatsen.

Geef een reactie

Vul je gegevens in of klik op een icoon om in te loggen.

WordPress.com logo

Je reageert onder je WordPress.com account. Log uit / Bijwerken )

Twitter-afbeelding

Je reageert onder je Twitter account. Log uit / Bijwerken )

Facebook foto

Je reageert onder je Facebook account. Log uit / Bijwerken )

Google+ photo

Je reageert onder je Google+ account. Log uit / Bijwerken )

Verbinden met %s

%d bloggers liken dit: