SSL Certificate Generator

Create a self-signed SSL certificate for internal or personal use.

Use this tool to create a certificate signing request, key, and self-signed SSL certificate.
The signing request can be submitted to a certificate authority (CA) to generate a trusted certificate for the private key, or use the key and certificate on a server that doesn't need to have a trusted certificate signed by a CA.

Certificates and keys are generated using OpenSSL 1.0.1e-fips 11 Feb 2013 by CentOS Linux release 7.3.1611 (Core) in memory and sent directly to your browser over TLS. Certificate information and keys are never logged or written to disk.


OpenSSL Command Cheat Sheet

Create new certificate signing request and private key (4096 bit RSA)
openssl req -new -outform PEM -nodes -keyout server.key -newkey rsa:4096 -out server.csr
Generate a self-signed certificate valid for 2 years with a 4096 bit private key
openssl req -x509 -nodes -days 730 -newkey rsa:4096 -keyout server.key -out server.crt