Self signed certificate, fast and easy | my repository

Use certtool instead of openssl. It is less flexible but much more user friendly.1. Installation:Certtool is part of GnuTLS. On debian-based distributions you have to install the gnutls-bin package.2. Create a private key:# certtool -p –outfile server.key.pem3. Generate the self signed certificate:# certtool -s –load-privkey server.key.pem –outfile server.crt.pemYou will get a prompt to enter various informations required for a certificate. For a server certificate you only need to fill common name with the server name e.g. and validity period.For some applications, like openvpn, you may need your own certificate authority CA. These are the steps required:- create a CA key- create a self signed certificate for the CA. Say yes to the questions: “Does the certificate belong to an authority?” and “Will the certificate be used to sign other certificates?”- create a key- create a certificate using the CA key, CA certificate and the above key. For openvpn the common name is the user name.# certtool -p –outfile ca.key.pem# certtool -s –load-privkey ca.key.pem –outfile ca.crt.pem# certtool -p –outfile user.key.pem# certtool -c –load-privkey user.key.pem –load-ca-privkey ca.key.pem –load-ca-certificate ca.crt.pem –outfile user.crt.pem

viaSelf signed certificate, fast and easy | my repository.