How to Generate a Self-Signed SSL Certificate on Linux: Step-by-Step Guide

10/09/2023 12:42 PM by Admin in Linux

First lets install OpenSSL on your Linux machine.

For Fedora and other Red Hat distributions.

sudo dnf install openssl

For Debian, Ubuntu etc which use apt package manager

sudo apt install openssl

For Arch-based Linux distributions

sudo pacman -Sy openssl

Now to generate certificate along private key in single command we can do it like this.

openssl req -newkey rsa:4096 -x509 -sha512 -days 365 -nodes -out my_certificate.pem -keyout my_private_key.pem

during this process you will be asked about information regarding your certificate like Country Name, State or Province Name, City name, company name, fully qualified name of the server mean domain name for which you are generating certificate.

You can now use the my_private_key.pem (private key) and my_certificate.pem (self-signed certificate) in your web server configuration to enable SSL/TLS.

Also if you want to extract Public Key from the certificates you can do it too

openssl x509 -pubkey -in my_certificate.pem -out my_public_key.pem

Please note that self-signed certificates are not trusted by browsers and should only be used for testing or development purposes. For production use, consider obtaining a certificate from a trusted certificate authority (CA).

Your Thoughts


New tool added : SVG Zoom Dimension Calculator.