Appendix B: Generating a self signed certificate.

Appendix B: Generating a self signed certificate.

SSL Certificate is actually an x509 Certificate, which is used during the TLS handshake process to provide authentication and asymetric encryption to exchange a symmetric key used for securing the data exchange.

1. Create the key (specify a passphrase for the key)

    openssl genrsa -des3 -out server.key.pass 2048
   

2. Convert to an unencrypted key using passphrase from step 1.

    openssl rsa -in server.key.pass -out server.key
   

3. Generate a CSR - Certificate Signing Request (leave passphrase blank)

    openssl req -new -key server.key -out server.csr
   

4. Generate a self signed certificate

    openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
   

===