Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
Generating a server SSL certificate for testing purposes

To generate a new server certificate for Jetconf, which will be in the correct
form and accepted even by the more pedantic web browsers like Chrome, just run
the provided script in the following way:

    ./ <out_file_suffix> <domain/ip>
    ./ <out_file_suffix> <domain/ip> <server_key>

The first form will generate a new server private key, while the second one
lets you to pass the private key file as an argument.

    ./ example
will create a certificate "server_example.crt" for domain with new
private key.

The script will autodetect if the certificate is being issued for a domain
name or an IP address, and sets the appropriate SAN value.

If you want this certificate to be recognized as valid by your web browser,
the issuing CA's certificate needs to be imported to your browser.

WARNING: It is strongly recommended not to import the provided CA's
certificate (ca.pem) to your production browser, as it's private key is
publicly known. If you do so, someone could perform a MITM attack to
any connection with an SSL-protected website.