Self Signed certificates are those are signed by the same individual whose identity it certifies. It usually creates for personal use or trusted use only like server login using the key file or for SAML use for website user login, there are different use of it, so let see how it will create with Linux / centos command prompt.

Firstly check if you have OpenSSL installed or not for that use command

openssl version

if you have installed version you should see the version else your system says command not found in that case install it using following commands for according to use the operating system.

For Linux :

sudo apt install openssl

For Centos:

sudo yum install openssl

 

For creating the certificate use command :

openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out org.crt -keyout org.key

Exaplination of Command:

  • -newkey rsa:4096 : Creates a new certificate request and 4096 bit RSA key. The default one is 2048 bits.
  • -x509 : Creates a X.509 Certificate type.
  • -sha256 : - Use 265-bit Secure Hash Algorithm.
  • -days 3650 : Valid upto 10 years.
  • -nodes : Creates a key without a passphrase, means password need to open key files.
  • -out org.crt : output format of certificate and name of certicate, you can put any name according to your wish.
  • -keyout org.key : Output format of created private file and name of it.

Now Your certicates and is generated, check using ls command, org.key and org.crt files are there.

Now you use it whenever you want, you also convert certicates in different other format, for this please see our certicate conversion tutorial

Thanks