Quick and dirty way to generate a self signed cert that lasts 10 years
While I love IIS’s and most program’s ability to generate a self signed cert, my gripe with those is that they last only a year. While a year is generally sufficient for development purposes, sometimes you want one that lasts a whole lot longer.
In order to get one that lasts longer, you will need to turn to openssl.
Here are the steps
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3650 -nodes -config ..\share\openssl.cnf
openssl pkcs12 -export -out localhost.pfx -inkey key.pem -in cert.pem
– newkey: Generate a RSA 2048 bit encryption key
– keyout: the file containing the private key
– out: the file containing the certificate details
– days: how many days is this certificate valid for
– nodes: needed for pfx
– config: for windows, to specific the configuration file location