You can generate a self-signed certificate for Windows or Linux by using the OpenSSL tool.
Prerequisites
- Download the appropriate installer for OpenSSL from https://www.openssl.org/community/binaries.html. Use the downloaded OpenSSL installer to install it on Windows.
- Edit the openssl.cfg file to add additional required parameters. Make sure the
[req]
section has the req_extensions parameter defined.[req] . . req_extensions=v3_req #
- Add an appropriate Subject Alternative Name entry for the hostname or IP address of your server, for example server-01.operationsforlogs.domain. You cannot specify a pattern for the hostname.
[v3_req] . . subjectAltName=DNS:server-01.operationsforlogs.domain #subjectAltName=IP:10.27.74.215
Procedure
Results
Two files are created, server.key and server.crt.
- server.key is a new PEM-encoded private key.
- server.crt is a new PEM-encoded certificate signed by
server.key
.