• home
• gentoo/linux related
  • greek utf8
  • pavilion dv6520
  • self-signed certs
  • ipsec/l2tp vpn
• code
  • bash mailer
  • php directory tree
• media
• blog
• cv - resume

2008-01-13

Create your own self-signed certificates (ssl; for web/mail/etc. server.

• Disadvantages
• How to

Self-signed ssl certs

Disadvantages^

The one -and possibly big- disadvantage of self-signed certificates is that the other end isn't sure about the publishing authority (ie you). However, they still do their work ;-) So, you can freely use them for your personal servers.

How to^

While tried on gentoo linux, should work on any unix-like OS.

Creating the certificates

# openssl genrsa -des3 -out pass.key 1024 #this
# openssl genrsa -aes256 -out pass.key 2048 # or this
# openssl rsa -in pass.key -out server.key
# openssl req -new -key server.key -x509 -out server.crt -days 999
# cp server.key /etc/apache2/ssl/
# cp server.crt /etc/apache2/ssl/