Generate a CSR:
openssl req -new -newkey rsa:2048 -nodes -sha256 -out wildcard.domain.fqdn.csr -keyout wildcard.domain.fqdn.key -subj "/C=your_country/ST=your_state/L=your_city/O=your_organization/CN=*.domain.fqdn"
View the CSR:
openssl req -text -in wildcard.domain.fqdn.csr
Sign the certificate:
openssl ca -in wildcard.domain.fqdn.csr -out wildcard.domain.fqdn.cer -config /path/to/openssl.cnf
Convert the certificate to PFX:
openssl pkcs12 -export -out wildcard.domain.fqdn.pfx -inkey wildcard.domain.fqdn.key -in wildcard.domain.fqdn.cer
Covert the certificate to PEM:
openssl pkcs12 -in wildcard.domain.fqdn.pfx -out wildcard.domain.fqdn.pem -nodes
One thought on “HOWTO: Generate and self-sign Wildcard SSL certs in Ubuntu”