Does anyone know how to generate self-signed certificate for nginx?
maybe even with wildcard or for multiple subdomains?!
I mean the openssl command, if possible.
Thanks!
Generate a private key:
openssl genrsa -des3 -out www.domain.com.ssl.key 1024
Create a CSR:
openssl req -new -key www.domain.com.ssl.key -out www.domain.com.ssl.csr
note: enter full domain (www.domain.com) for CN (common name)
Remove password from private key (optional):
openssl rsa -in www.domain.com.ssl.key -out
www.domain.com.ssl.key.nopass
Generate self-signed cert:
openssl x509 -req -days 365 -in www.domain.com.ssl.csr -signkey
www.domain.com.ssl.key -out www.domain.com.ssl.crt
note: use .nopass if you removed the password from the private key
Hope that helps. I’m not sure about generating a wildcard cert.
Nick
On Feb 19, 2009, at 10:27 AM, Nick P. wrote:
Nick
Just to add that that there are many guides on doing this available on
the Web (ie. through a Google search).
A couple that are specific and detailed are:
http://www.urbanpuddle.com/articles/2008/10/14/a-quick-guide-to-ssl-on-nginx
http://articles.slicehost.com/2007/12/19/ubuntu-gutsy-self-signed-ssl-certificates-and-nginx
- johnk
John Kemp wrote:
On Feb 19, 2009, at 10:27 AM, Nick P. wrote:
Nick
Just to add that that there are many guides on doing this available on
the Web (ie. through a Google search).A couple that are specific and detailed are:
http://articles.slicehost.com/2007/12/19/ubuntu-gutsy-self-signed-ssl-certificates-and-nginx
- johnk
Thanks guys! It helped.
One problems:
what does this mean?
2009/02/20 09:57:13 [info] 10201#0: *9 SSL_do_handshake() failed (SSL:
error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca)
while reading client request line, client: