Does anyone know how to generate self-signed certificate for nginx? maybe even with wildcard or for multiple subdomains?! I mean the openssl command, if possible. Thanks!
on 2009-02-19 16:11
on 2009-02-19 16:37
Generate a private key: openssl genrsa -des3 -out www.domain.com.ssl.key 1024 Create a CSR: openssl req -new -key www.domain.com.ssl.key -out www.domain.com.ssl.csr *note: enter full domain (www.domain.com) for CN (common name)* Remove password from private key (optional): openssl rsa -in www.domain.com.ssl.key -out www.domain.com.ssl.key.nopass Generate self-signed cert: openssl x509 -req -days 365 -in www.domain.com.ssl.csr -signkey www.domain.com.ssl.key -out www.domain.com.ssl.crt *note: use .nopass if you removed the password from the private key* Hope that helps. I'm not sure about generating a wildcard cert. Nick
on 2009-02-19 16:57
On Feb 19, 2009, at 10:27 AM, Nick Pearson wrote: > > Nick Just to add that that there are many guides on doing this available on the Web (ie. through a Google search). A couple that are specific and detailed are: http://www.urbanpuddle.com/articles/2008/10/14/a-q... http://articles.slicehost.com/2007/12/19/ubuntu-gu... - johnk
on 2009-02-20 10:26
John Kemp wrote: > On Feb 19, 2009, at 10:27 AM, Nick Pearson wrote: > >> >> Nick > Just to add that that there are many guides on doing this available on > the Web (ie. through a Google search). > > A couple that are specific and detailed are: > > http://www.urbanpuddle.com/articles/2008/10/14/a-q... > > http://articles.slicehost.com/2007/12/19/ubuntu-gu... > > - johnk Thanks guys! It helped.
on 2009-02-20 11:01
One problems: what does this mean? 2009/02/20 09:57:13 [info] 10201#0: *9 SSL_do_handshake() failed (SSL: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca) while reading client request line, client: