Open SSL -making your own cert for IIS test or internal servers.

Ok not about games... but I wanted a place to save this...



Download open SSL from: http://gnuwin32.sourceforge.net/packages/openssl.htm and install it...

1st you must configure...
Do the easy thing... Download a config file... it has data that isn't your company but who cares. http://sial.org/howto/openssl/ca/

Setup your CA
1st create a private key... I don't really get this part... but this will get you through it...

C:\Program Files\GnuWin32\bin>openssl genrsa -des3 -out CA2.key 1024
Loading 'screen' into random state - done
Generating RSA private key, 1024 bit long modulus
...............++++++
...................++++++
e is 65537 (0x10001)
Enter pass phrase for CA2.key: *******
Verifying - Enter pass phrase for CA2.key:  *******

ok now you have to create a CA certificate... note your input is in bold

C:\Program Files\GnuWin32\bin>openssl
OpenSSL> req -new -key CA2.key -x509 -days 1095 -out CA2.crt -config openssl.cnf

Enter pass phrase for CA2.key:*****same as the one you used to create ca2.key***
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Sial CA []:MyCompany CA
US []:US
Washington []:Ohio
Seattle []:Cleveland
sial.org []:MyCompany.com
jmates@sial.org []:jsobo119@MyCompany.com
OpenSSL>

Create a cert request in IIS

copy file to where openSSL is running...

OpenSSL> x509 -req -days 1095 -in c:\certreq.txt -CA CA2.crt -CAkey CA2.key -CAc
reateserial -out c:\certout2.cer
Loading 'screen' into random state - done
Signature ok
subject=/CN=localhost/OU=Interent/O=Ceres/L=Cleveland/ST=OH/C=US
Getting CA Private Key
Enter pass phrase for CA2.key:

... ok now go get certout2.cer and install in on iis... Done...