Create SSL certificate

Step 1: Generate a Private Key

The first step is to create your RSA Private Key. This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.

# openssl genrsa -des3 -out server.key 1024

Step 2: Generate a CSR (Certificate Signing Request)

# openssl req -new -key server.key -out server.csr

  It will ask below detailsCountry Name (2 letter code) [GB]:CH
State or Province Name (full name) [Berkshire]:Bern
Locality Name (eg, city) [Newbury]:Oberdiessbach
Organization Name (eg, company) [My Company Ltd]:Akadia AG
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, your name or your server's hostname) []:public.akadia.com
Email Address []:martin dot zahn at akadia dot ch
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Step 3: Remove Passphrase from Key

# cp server.key server.key.org
# openssl rsa -in server.key.org -out server.key

The newly created server.key file has no more passphrase in it.

Step 4: Generating a Self-Signed Certificate

To generate a temporary certificate which is good for 365 days, issue the following command:

#openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

output:

Signature ok
subject=/C=CH/ST=Bern/L=Oberdiessbach/O=Akadia AG/OU=Information
Technology/CN=public.akadia.com/Email=martin dot zahn at akadia dot ch
Getting Private key