OpenSSL on Windows

OpenSSL can do SELF certify https certificate.


Setup OpenSSL with Environment:

1, Download openssl from https://slproweb.com/products/Win32OpenSSL.html. Install openssl into system.

2, Have to set /bin into system path. Make sure that ‘openssl’ command can be run in terminal.

3, Use ‘openssl version’ in cmd to check the version.


Generate Certificate:

1, Locate into a folder, then create private key on server side.

openssl genrsa -des3 -out server.key 2048

2, Create CSR certificate request file. Need to input some general information.

openssl req -new -key server.key -out domain.csr

3, Copy the origin private key and remove the password.

copy server.key server.key.origin
openssl rsa -in server.key -out server.key

4, Use server private key to generate public key certificate.

openssl x509 -req -days 3650 -in domain.csr -signkey server.key -out domain.crt

After these steps, we can have 3 files in current folder.

server.key -> #Server Private Key
domain.csr -> #Server & Domain Request File
domain.crt -> #Domain Certificate

All required files are encrypted to .pem file.

Use these file in nginx if needed.

OpenSSL certificate can be used ONLY IF finish register with them. Self certificate can not be accessed with normal brower. Will show error SSL_ERROR_BAD_CERT_DOMAINSSL


REFERENCE:

Leave a Comment

Your email address will not be published.