Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out.
I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver.
I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit.
The manual provides two commands which have to be executed in order to create a RSA key and a certificate.
The commands are:
openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024
and
openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer
Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key?
Normally CAs cannot issue certificate without your CSR. There are many tools to generate a key pair and a CSR. You can use any tool that you like.
If you're on windows and using apache, maybe via WAMP or the Drupal stack installer, you can additionally download the git for windows package, which includes many useful linux command line tools, one of which is openssl.
The following command creates the self signed certificate and key needed for apache and works fine in windows:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privatekey.key -out certificate.crt
You can download a native OpenSSL for Windows, or you can always use Cygwin.
To create a self signed certificate on Windows 7 with IIS 6...
Open IIS
Select your server (top level item or your computer's name)
Under the IIS section, open "Server Certificates"
Click "Create Self-Signed Certificate"
Name it "localhost" (or something like that that is not specific)
Click "OK"
You can then bind that certificate to your website...
Right click on your website and choose "Edit bindings..."
Click "Add"
Click "OK"
Click "Close"
You can certainly use putty (puttygen.exe) to do that.
Or you can get Cygwin to use the utilities you just described.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With