OpenSSL
Generate cert
Full
DOMAIN="srv.loc"
openssl genrsa -out ca.key 2048
openssl req -new -x509 -days 365 -key ca.key -subj "/C=CN/ST=GD/L=SZ/O=Acme, Inc./CN=Acme Root CA" -out ca.crt
openssl req -newkey rsa:2048 -nodes -keyout ${DOMAIN}.key -subj "/C=CN/ST=GD/L=SZ/O=Acme, Inc./CN=${DOMAIN}" -out ${DOMAIN}.csr
openssl x509 -req -extfile <(printf "subjectAltName=DNS:${DOMAIN}") -days 365 -in ${DOMAIN}.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out ${DOMAIN}.crt
Wildcard for 10 years
DOMAIN="infra.domain.cloud"
openssl req -x509 \
-subj "/C=US/L=Domain/O=Local/CN=*.$DOMAIN" \
-addext "subjectAltName = DNS:$DOMAIN, DNS:*.$DOMAIN" \
-newkey rsa:2048 \
-noenc \
-days 3650 \
-keyout $DOMAIN-wildcard.key.pem \
-out $DOMAIN-wildcard.cert.pem
Get certificate from site:
View content of file