Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Create a OpenSSL certificate on Windows [closed]

Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out.

I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver.

I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit.

The manual provides two commands which have to be executed in order to create a RSA key and a certificate.

The commands are:

openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024

and

openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer

Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key?

like image 778
Ben Fransen Avatar asked Mar 01 '10 11:03

Ben Fransen


People also ask

Can you create a certificate without a CSR?

Normally CAs cannot issue certificate without your CSR. There are many tools to generate a key pair and a CSR. You can use any tool that you like.


4 Answers

If you're on windows and using apache, maybe via WAMP or the Drupal stack installer, you can additionally download the git for windows package, which includes many useful linux command line tools, one of which is openssl.

The following command creates the self signed certificate and key needed for apache and works fine in windows:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privatekey.key -out certificate.crt
like image 76
alexkb Avatar answered Nov 01 '22 02:11

alexkb


You can download a native OpenSSL for Windows, or you can always use Cygwin.

like image 31
Adam Batkin Avatar answered Nov 01 '22 01:11

Adam Batkin


To create a self signed certificate on Windows 7 with IIS 6...

  1. Open IIS

  2. Select your server (top level item or your computer's name)

  3. Under the IIS section, open "Server Certificates"

  4. Click "Create Self-Signed Certificate"

  5. Name it "localhost" (or something like that that is not specific)

  6. Click "OK"

You can then bind that certificate to your website...

  1. Right click on your website and choose "Edit bindings..."

  2. Click "Add"

    • Type: https
    • IP address: "All Unassigned"
    • Port: 443
    • SSL certificate: "localhost"
  3. Click "OK"

  4. Click "Close"

like image 16
teewuane Avatar answered Nov 01 '22 03:11

teewuane


You can certainly use putty (puttygen.exe) to do that.

Or you can get Cygwin to use the utilities you just described.

like image 9
Pablo Santa Cruz Avatar answered Nov 01 '22 01:11

Pablo Santa Cruz