I explain how to create certificates with OpenSSL on your Windows computer in my blog post “How-to: Make Your Own Cert With OpenSSL on Windows (Reloaded)“.
If you can’t or don’t want to install OpenSSL, there is a solution now with Web OpenSSL.
With Web OpenSSL, you can just run OpenSSL and the commands in your browser, like this (for more info on these commands , read my blog post).
Go to Web OpenSSL:
Scroll down a bit:
Click “Enter split screen”. You will now have a command-line interface to the left and the folder with files to the right:
Enter this command:
openssl genrsa -out ca.key 4096
Notice that 2 files have been created. You can take a look at them, for example ca.key:
Enter this command and answer the questions:
openssl req -new -x509 -days 1826 -key ca.key -out ca.crt
Enter this command:
openssl genrsa -out ia.key 4096
Enter this command and answer the questions:
openssl req -new -key ia.key -out ia.csr
Create a text file named altname.cnf and enter your domain name, this is the content for my domain name: subjectAltName=DNS:www.didierstevens.com
Upload this file (button Browse in Files) and check it was properly uploaded:
Enter this command:
openssl x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt -extfile altname.cnf
Enter this command:
openssl pkcs12 -export -out ia.p12 -inkey ia.key -in ia.crt -chain -CAfile ca.crt
You can then download all your files:
Verify and start using them:
If you want to understand what these commands exactly do, read my blog post “How-to: Make Your Own Cert With OpenSSL on Windows (Reloaded)“.
Article Link: How-to: Make Your Own Cert With Web OpenSSL | Didier Stevens