Skip to content

Instantly share code, notes, and snippets.

@dennybaa

dennybaa/tips.md

Last active September 2, 2018 09:20
Show Gist options
  • Save dennybaa/96a037e6ad022f5f90ff0a503d237b91 to your computer and use it in GitHub Desktop.
Save dennybaa/96a037e6ad022f5f90ff0a503d237b91 to your computer and use it in GitHub Desktop.
Download ZIP
Generate self-signed wildcard openssl certificate #openssl #tips #self-signed
Raw
tips.md

Generate self-signed wildcard openssl certificate

generate csr and key

cat <<-EOF > /tmp/config.ss
[req]
distinguished_name = dn
req_extensions = v3_req
prompt = no

[ v3_req ]

# Extensions to add to a certificate request

basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = example.io
DNS.2 = *.example.io

[dn]
CN = example.io
C  = DE
ST = Germany
L  = Frankfurt
EOF


# generate csr and key
openssl req -new -sha256 -nodes -out ss-example.io.csr -newkey rsa:2048 -keyout ss-example.io.key -config /tmp/config.ss

generate certificate

openssl x509 \
  -signkey ss-example.io.key \
  -in ss-example.io.csr \
  -req -days 3650 -out ss-example.io.crt -extensions v3_req -extfile /tmp/config.ss


rm /tmp/config.ss

detailed print

openssl x509 -text -noout -in ss-example.io.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment