Submitted by on

How to generate an auto signed certificate

Note : not recommended for preproduction / production usage

Software requirements

OpenSSL: robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.

Generation steps (On Linux)

Run the following in command line to create a pair of keys (private/public) :

openssl req -nodes -x509 -sha256 -newkey rsa:2048 -keyout rsa_private.pem -out rsa_public_cert.pem -days 365 -subj /CN=XXXXX

XXXXX : To be replace with the name of your application for example
 

If you need a key format .pkcs8

openssl pkcs8 -topk8 -inform PEM -outform DER -in rsa_private.pem > rsa_private_pkcs8


A password must be specified at this step because it can be requested…


Reminders

The format of the public key rsa_public_cert.pem is :

-----BEGIN CERTIFICATE-----
MII…………………
-----END CERTIFICATE-----