Wednesday, March 20, 2013

Create a CSR - and self signed cert

Create a CSR with openssl
openssl req -new -newkey rsa:2048 -nodes -out server.csr -keyout server.key -subj "/C=US/ST=Utah/L=Lindon/O=Super Widgets XYZ/CN=local.example.com"

Use that CSR to create a self signed cert
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

ECC CSR (not typical)
openssl ecparam -genkey -text -name prime256v1 -out example-ecc.key
openssl req -new -key example-ecc.key -sha256 -out example-ecc.csr -subj "/C=US/ST=WA/L=Seattle/O=SomeOrg/CN=local.example.com"