OpenSSL
Generate cert
Full
DOMAIN="srv.loc"
openssl genrsa -out ca.key 2048
openssl req -new -x509 -days 365 -key ca.key -subj "/C=CN/ST=GD/L=SZ/O=Acme, Inc./CN=Acme Root CA" -out ca.crt
openssl req -newkey rsa:2048 -nodes -keyout ${DOMAIN}.key -subj "/C=CN/ST=GD/L=SZ/O=Acme, Inc./CN=${DOMAIN}" -out ${DOMAIN}.csr
openssl x509 -req -extfile <(printf "subjectAltName=DNS:${DOMAIN}") -days 365 -in ${DOMAIN}.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out ${DOMAIN}.crt
Wildcard for 10 years with root CA for local network
DOMAIN="h.net"
SUBJ='/C=US/L=home/O=local network'
openssl genrsa -out $DOMAIN-ca.key 2048
openssl req -new -x509 -days 3650 \
-subj "$SUBJ/CN=Home Root CA" \
-key $DOMAIN-ca.key \
-out $DOMAIN-ca.crt
openssl req -newkey rsa:2048 -nodes \
-subj "$SUBJ/CN=*.${DOMAIN}" \
-addext "subjectAltName=DNS:*.$DOMAIN" \
-keyout ${DOMAIN}-wildcard.key.pem \
-out ${DOMAIN}-wildcard.csr
openssl x509 -req -days 3650 \
-in ${DOMAIN}-wildcard.csr \
-CA $DOMAIN-ca.crt -CAkey $DOMAIN-ca.key -CAcreateserial \
-extfile <(printf "subjectAltName=DNS:*.$DOMAIN") \
-out $DOMAIN-wildcard.cert.pem
Get certificate from site:
View content of file