Generate a self signed certificate on Linux
sysops·@rnason·
0.000 HBDGenerate a self signed certificate on Linux
# Generate a self signed certificate on Linux <br> <center> <br> </center> <br> ## Description: ------- This article will walk through generating a self signed certificate or certificate signing request (CSR) on a linux server. <br> ## Pre-Requisites: ------- None <br> ## Generate the key: ------- <br>  RHEL &  CentOS: ```bash openssl genrsa -out "/etc/pki/tls/private/gitlab-registry.key" 4096 ``` <br><br>  Debian &  Ubuntu: ```bash openssl genrsa -out "/etc/ssl/private/gitlab-registry.key" 4096 ``` <br> ## Generate the certificate: ------- <br>  RHEL &  CentOS: ```bash openssl req -x509 -sha512 -nodes -newkey rsa:4096 -days 365 -keyout /etc/pki/tls/private/gitlab.key -out /etc/pki/tls/certs/gitlab.crt ``` <br><br>  Debian &  Ubuntu: ```bash openssl req -x509 -sha512 -nodes -newkey rsa:4096 -days 365 -keyout /etc/ssl/private/gitlab.key -out /etc/ssl/certs/gitlab.crt ``` <br> ``` bash Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:SomeState Locality Name (eg, city) []:SomeCity Organization Name (eg, company) [Internet Widgits Pty Ltd]:yourdomain.tld Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:servername.yourdomain.tld Email Address []:user@yourdomain.tld ``` <br> ## Optionally Generate a CSR: ------- <br>  RHEL &  CentOS: ```bash openssl req -new -sha512 -key "/etc/pki/tls/private/gitlab-registry.key" -out "/etc/pki/tls/certs/gitlab-registry.csr" ``` <br><br>  Debian &  Ubuntu: ```bash openssl req -new -sha512 -key "/etc/ssl/private/gitlab-registry.key" -out "/etc/ssl/certs/gitlab-registry.csr" ``` <br> ## Post Requisites: ------- None <br> ## References: ------- [clusterfrak.com](http://clusterfrak.com/sysops/linux/linux_self_signed_certificate/)