Home > Development, General, IIS, SSL > Quick and dirty way to generate a self signed cert that lasts 10 years

Quick and dirty way to generate a self signed cert that lasts 10 years

While I love IIS’s and most program’s ability to generate a self signed cert, my gripe with those is that they last only a year. While a year is generally sufficient for development purposes, sometimes you want one that lasts a whole lot longer.

 

In order to get one that lasts longer, you will need to turn to openssl.

 

Here are the steps

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3650 -nodes -config ..\share\openssl.cnf

openssl pkcs12 -export -out localhost.pfx -inkey key.pem -in cert.pem

 

Parameters

– newkey: Generate a RSA 2048 bit encryption key

– keyout: the file containing the private key

– out: the file containing the certificate details

– days: how many days is this certificate valid for

– nodes: needed for pfx

– config: for windows, to specific the configuration file location

 

image

Advertisements
Categories: Development, General, IIS, SSL
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: