DEV Community

Cover image for Generate and Use SSL Cert in Windows
Raj Kishor
Raj Kishor

Posted on

Generate and Use SSL Cert in Windows

Creating a Self-Signed SSL Certificate

There is two types of SSL certificates

  • Self-signed: generated by user to use in testing/local environments.
  • CA signed: generated and signed by CAs (Certificate authorities) to used in production environments.

To generate the self signed SSL Certificate follow these steps as below:

  • Generate a Private Key
  • Create a CSR ( certificate signing request) using the private key.
  • Generate the SSL certification from CSR

Windows

Step 1 – Download OpenSSL Binary Link

Download OpenSSL toolkit

Step 2 - Open OpenSSL Command Prompt
OpenSSL Command Prompt

Step 3 - Generate private key and certificate signing request

A private key and certificate signing request are required to create an SSL certificate.

These can be generated with a few simple commands.

When the openssl req command asks for a “challenge password”, just press return, leaving the password empty. Since this is a self-signed certificate.
This password is used by Certificate Authorities to authenticate the certificate owner when they want to revoke their certificate.

$ openssl genrsa -aes256 -passout pass:gsahdg -out server.pass.key 4096
...

$ openssl rsa -passin pass:gsahdg -in server.pass.key -out server.key

$ openssl req -new -key server.key -out server.csr

...
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:California
...
A challenge password []:
...

Enter fullscreen mode Exit fullscreen mode

Step 4 - Generate SSL certificate

The self-signed SSL certificate is generated from the server.key private key and server.csr files

$ openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
Enter fullscreen mode Exit fullscreen mode

The server.crt file is your site certificate suitable for use with hosted website along with the server.key private key.


Reference: https://devcenter.heroku.com/articles/ssl-certificate-self#generate-private-key-and-certificate-signing-request

Top comments (1)

Collapse
 
namaste_raj profile image
Raj Kishor

This SSL setup allow to use https for local development or localhost