Tuesday, December 29, 2009

How to generate an SSL certificate for Apache or nginx

How do I create a self-signed SSL Certificate for testing purposes?

1. Make sure OpenSSL is installed and in your PATH.

2. Run the following command to create the server.key and server.crt files:

$ openssl req -new -x509 -nodes -out server.crt -keyout server.key

These can be used as follows in your httpd.conf file:

SSLCertificateFile /path/to/this/server.crt
SSLCertificateKeyFile /path/to/this/server.key



3. Be aware that this server.key does not have a passphrase, because the -nodes option writes it unencrypted. To add a passphrase to the key, run the following command, and enter and verify the passphrase as requested.

$ openssl rsa -des3 -in server.key -out server.key.new
$ mv server.key.new server.key


Please back up the server.key file, and the passphrase you entered, in a secure location.
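
A non-interactive version of step 2 with checks worth running before httpd.conf is pointed at the files, as an added example that is not part of the original post. The function names, the 2048-bit key size and the CN test.example.invalid are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. The CN and directory names are constructed placeholders.

# Step 2 without prompts: unencrypted key plus self-signed cert in dir $1, CN $2.
make_test_cert() {
    (
        umask 077   # the key has no passphrase, so keep it owner-only
        openssl req -new -x509 -nodes -newkey rsa:2048 -days 365 \
            -subj "/CN=$2" -keyout "$1/server.key" -out "$1/server.crt"
    )
}

# Succeed only if certificate $1 carries the public key of private key $2.
# $3 is an optional -passin source for an encrypted key, e.g. file:/path.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout -passin "${3:-pass:}" 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Succeed if PEM key $1 is passphrase-protected (traditional or PKCS#8 form).
key_is_encrypted() {
    grep -Eq '^(-----BEGIN ENCRYPTED PRIVATE KEY-----|Proc-Type: 4,ENCRYPTED)' "$1"
}

# Succeed if key file $1 is not readable by group or others.
key_is_private() {
    [ -z "$(find "$1" -prune \( -perm -040 -o -perm -004 \) -print)" ]
}

# Demo run in a throwaway directory.
dir=$(mktemp -d)
make_test_cert "$dir" test.example.invalid
cert_matches_key "$dir/server.crt" "$dir/server.key" && echo "certificate and key match"
key_is_encrypted "$dir/server.key" || echo "key has no passphrase"
key_is_private "$dir/server.key" && echo "key is owner-only"
rm -rf "$dir"
```

A mismatch reported by cert_matches_key usually means the .crt was paired with the wrong .key, which Apache otherwise only reports at startup.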


Second method:

Generate a private key:

openssl genrsa -des3 -out www.domain.com.ssl.key 2048

Create a CSR:

openssl req -new -key www.domain.com.ssl.key -out www.domain.com.ssl.csr
*note: enter full domain (www.domain.com) for CN (common name)*

Remove password from private key (optional):

openssl rsa -in www.domain.com.ssl.key -out www.domain.com.ssl.key.nopass

Generate self-signed cert:

openssl x509 -req -days 365 -in www.domain.com.ssl.csr \
    -signkey www.domain.com.ssl.key -out www.domain.com.ssl.crt
*note: use .nopass if you removed the password from the private key*

Hope that helps. I'm not sure about generating a wildcard cert.

