Self-signed certificates for nginx

John Kemp john at jkemp.net
Thu Feb 19 18:46:06 MSK 2009


On Feb 19, 2009, at 10:27 AM, Nick Pearson wrote:

> Generate a private key:
>
> openssl genrsa -des3 -out www.domain.com.ssl.key 1024
>
> Create a CSR:
>
> openssl req -new -key www.domain.com.ssl.key -out www.domain.com.ssl.csr
> note: enter full domain (www.domain.com) for CN (common name)
>
> Remove password from private key (optional):
>
> openssl rsa -in www.domain.com.ssl.key -out www.domain.com.ssl.key.nopass
>
> Generate self-signed cert:
>
> openssl x509 -req -days 365 -in www.domain.com.ssl.csr -signkey www.domain.com.ssl.key 
>  -out www.domain.com.ssl.crt
> note: use .nopass if you removed the password from the private key
>
> Hope that helps.  I'm not sure about generating a wildcard cert.
>
> Nick

Just to add that that there are many guides on doing this available on  
the Web (ie. through a Google search).

A couple that are specific and detailed are:

http://www.urbanpuddle.com/articles/2008/10/14/a-quick-guide-to-ssl-on-nginx

http://articles.slicehost.com/2007/12/19/ubuntu-gutsy-self-signed-ssl-certificates-and-nginx

- johnk





More information about the nginx mailing list