Self-signed certificates for nginx
John Kemp
john at jkemp.net
Thu Feb 19 18:46:06 MSK 2009
On Feb 19, 2009, at 10:27 AM, Nick Pearson wrote:
> Generate a private key:
>
> openssl genrsa -des3 -out www.domain.com.ssl.key 1024
>
> Create a CSR:
>
> openssl req -new -key www.domain.com.ssl.key -out www.domain.com.ssl.csr
> note: enter full domain (www.domain.com) for CN (common name)
>
> Remove password from private key (optional):
>
> openssl rsa -in www.domain.com.ssl.key -out www.domain.com.ssl.key.nopass
>
> Generate self-signed cert:
>
> openssl x509 -req -days 365 -in www.domain.com.ssl.csr -signkey www.domain.com.ssl.key
> -out www.domain.com.ssl.crt
> note: use .nopass if you removed the password from the private key
>
> Hope that helps. I'm not sure about generating a wildcard cert.
>
> Nick
Just to add that that there are many guides on doing this available on
the Web (ie. through a Google search).
A couple that are specific and detailed are:
http://www.urbanpuddle.com/articles/2008/10/14/a-quick-guide-to-ssl-on-nginx
http://articles.slicehost.com/2007/12/19/ubuntu-gutsy-self-signed-ssl-certificates-and-nginx
- johnk
More information about the nginx
mailing list