Create a OpenSSL certificate on Windows
Solution 1
You can download a native OpenSSL for Windows, or you can always use Cygwin.
Solution 2
If you're on windows and using apache, maybe via WAMP or the Drupal stack installer, you can additionally download the git for windows package, which includes many useful linux command line tools, one of which is openssl.
The following command creates the self signed certificate and key needed for apache and works fine in windows:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privatekey.key -out certificate.crt
Solution 3
To create a self signed certificate on Windows 7 with IIS 6...
Open IIS
Select your server (top level item or your computer's name)
Under the IIS section, open "Server Certificates"
Click "Create Self-Signed Certificate"
Name it "localhost" (or something like that that is not specific)
Click "OK"
You can then bind that certificate to your website...
Right click on your website and choose "Edit bindings..."
-
Click "Add"
- Type: https
- IP address: "All Unassigned"
- Port: 443
- SSL certificate: "localhost"
Click "OK"
Click "Close"
Solution 4
You can certainly use putty (puttygen.exe) to do that.
Or you can get Cygwin to use the utilities you just described.
Comments
-
Ben Fransen almost 2 years
Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out.
I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver.
I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit.
The manual provides two commands which have to be executed in order to create a RSA key and a certificate.
The commands are:
openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024
and
openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer
Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key?
-
kodybrown almost 9 years
puttygen.exe
is super simple and i always forget about it! -
Benjamin Albert about 8 yearsThanks for mentioning that OpenSSL comes with git for windows.
-
Aaron_H almost 8 yearsI understand how to create a public/private keypair in puttygen, but how do you create a certificate (.pem) in puttygen?
-
Ed Norris over 7 yearsFrom that OpenSSL link: "The OpenSSL project does not distribute any code in binary form, and does not officially recommend any specific binary distributions"
-
Eido95 almost 7 yearsYou can use this method in git bash on Windows too: How to create an https server?
-
manish kumar over 6 yearsis it SSH-2 or SSH-1?
-
Doug almost 6 yearsThe IIS certificate generator doesn't generate valid SSL certificates (see stackoverflow.com/questions/46641473/…) and this doesn't answer the question asked.
-
teewuane almost 6 yearsThe question was modified in May of 2014, after my answer.
-
tryingHard over 4 yearsI've got an error:
unable to find 'distinguished_name' in config
18268:error:0E06D06A:configuration file routines:NCONF_get_string:no conf or environment variable:crypto\conf\conf_lib.c:270:
privatekey.key
was generated, but not thecrt
file. -
tryingHard over 4 yearsI created public and private key, but what about certificate?
-
mpr over 3 yearsIf you happen to already have scoop installed, you can 'scoop install openssl'.
-
Altair7852 over 3 yearsYou can also run in Bash for Windows (in Windows 10)
-
m4110c over 2 yearsThis question is not about creating (private) SSH-Keys in PEM-format. This is about creating a self-signed X509 SSL-Certificate in PEM-fromat. PuttyGen will not create such certificates.