How: Creating Self Signed Certificate
In my present job, I was given a task to integrate Third party API that uses token-based authentication and a Self-signed certificate. After days of searching, I found a way of generating an x509 certificate using OpenSSL application. To share with you how I generate an x509 certificate, below are the steps to generate a Self-signed certificate using OpenSSL.
Download OpenSSL for windows from the link below.
After you have downloaded the EXE file proceed with Installing the application. I prefer installing it in C Drive root directory. See image below.
After the installation navigates to your installation folder in my case it is C:\OpenSSL-Win64\bin. Copy the full path and paste it in your Environment Variable. See Image below.
To open environment variables right click on My Computer or This PC for Windows 10 and choose properties.
System window will appear click change settings.
Then select the advanced tab and open Environment Variables located at the bottom right of the advance tab.
Now you can open Environment Variables. Copy and paste your installation directory (C:\OpenSSL-Win64\bin) to your Environment Variables path separating it with a semicolon. Now you can directly access OpenSSL using cmd.
Let’s start creating a Self Signed Certificate:
Step 1. Open command prompt or cmd to start creating a self-signed certificate. Create a folder from anywhere on your PC. In my case, I created a folder inside D:\sample cert. Please refer to the image below to change cmd directory to the folder you created.Type OpenSSL to start the application.
Step 2. Create a key and a certificate using the command below. Fill additional details for your Self-Signed certificate. Refer to the image shown below.
- openssl req -x509 -days 365 -newkey rsa:2048 -keyout mykey.pem -out mycert.pem
This will create a key and certificate.
Step 3. Put your key and certificate in one file using a pfx file. Use the command below
- openssl pkcs12 -export -in mycert.pem -inkey mykey.pem -out mycert.pfx
This will create a pfx file.
Step 4. Extract a public certificate from your pfx. Use the command below.
- openssl pkcs12 -in mycert.pfx -clcerts -nokeys -out public_cert.pem
This will generate a public_cert.pem file.
See image below to see the files created using this steps.
And now your Self Signed certificate is now ready for live action. Thank you for reading. Happy Coding!!.