Generate Certificate using Open SSL

Dec, 2010

Though creating HTTPS Certificate using IIS 7 is very simple but I needed more control over the information about the certificate. OpenSSL was the answere. OpenSSL documentation on my first read was a little complicated or a little too much information on how to create a certificate. So for all the people out there trying to create SSL certificate using OpenSSL hear is how it's done:

1) First we need to create a "key" file which holds the password phrase. The Command to generate a key file is as follows:
c:\>openssl genrsa -des3 -out kufli.key 2048
Basically the above command would create a RSA encrypted key file. The above command would require you to type in the pass-phrase.

2)Once the Key file is generated, we can go ahead and create the Certificate file. Following command is used for creating a certificate file:
c:\>openssl req -new -key kufli.key -x509 -out kufli.crt -config openssl.CNF
The above command would prompt you to fill-in Country Name, State or Province Code, Locality Name, Organization Name, Organizational Unit Name, Command Name and Email Address.

That;s it. The above command creates the Certificate file needed for Https protocol. Bellow screenshots displays the certificate information: