SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites.
Step 1 – Create a directory to store your key, certificate signing request and signed certificate.
mkdir /cert cd /cert
Step 2 – Generate a private key for your server.
openssl genrsa -des3 -out server.key 2048
Step 3 – Generate a CSR (Certificate Signing Request).
openssl req -new -key server.key -out server.csr
Step 4) You can now generate a Self Signed Certificate using the CSR and key generated in Step 2 and 3.
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Note: Certification is valid for one year (365days – as defined in the syntax “-days 365”)
In the /cert directory, you will have the following.
Private Key – server.key
CSR – server.csr
Signed Certificate – server.crt