A self signed certificate is signed with its own private key instead of the private key of a higher or publicly trusted certificate authority (CA).
Questions tagged [self-signed-certificate]
148 questions
31
votes
2 answers
Why openssl ignore -days for expiration date for self signed certificate?
I have a bash script that generates a self-signed certificate and works perfectly fine:
#! /bin/bash
# Generate self signed root CA cert
openssl req -nodes -x509 -days 358000 -newkey rsa:2048 -keyout ca.key -out ca.crt -subj…
Alireza
- 643
17
votes
2 answers
Why not validate self signed certificates through DNS-record instead of letsencrypt
I was just wondering. We use a lot of SSL certificates. Nowadays, we almost exclusively use letsencrypt (thanks!). The bottom line of these certificates is, that proof of ownership of the domain name(s) on the certificate comes from the power to…
Jelmer Jellema
- 351
12
votes
1 answer
Self signed ssl I created for localhost cannot be trusted even though I have already imported it to chrome
I am creating https server side that I am using to practice OAuth to Instagram which requires https.
I generated a certificate using ssl by running the script from the following link:…
alexW
- 221
8
votes
1 answer
nginx: No client certificate CA names sent
I have nginx and want it to verify client certificates. So I bought commercial certificate for server, and non-commercial for clients. Basically I've generated client certificates with easy-rsa scripts. Connecting with client certificates validation…
adontz
- 347
- 1
- 5
- 12
8
votes
3 answers
How can I create self-signed certificate that is stronger than SHA-1?
For development environment, I can create create self-signed certificate in IIS7.5. But that certificate is SHA-1 and recently browsers are complaining about it. When I open FireBug I see following warnings:
"This site makes use of a SHA-1…
CrnaStena
- 191
6
votes
3 answers
openssl keeps creating v1 certificate instead of v3
Hell everyone,
so i'm trying to create a self signed certificate for my domain and for some reason openssl keeps creating V1 certificates for my server instead of V3 and that is causing browsers to not give me the "green lock" when im there.
Any…
Ghaith Haddad
- 123
6
votes
2 answers
How do I add certificates to Kubernetes to allow images to be pulled from a custom Harbor repository?
I am finding all sorts of walkthroughs on how to add certificates to be used in the pods themselves, but I can't seem to find info on how to setup Kubernetes to allow a self-signed cert for pulling images from a Harbor instance running inside the…
CodeChimp
- 363
- 2
- 6
- 18
5
votes
1 answer
Cannot add a self signed certificate in Firefox
I need to set up an IIS webserver that will be accessed by a small, finite number of users. I was considering using a self-signed certificate only, and manually installing it on the user's systems.
So I generated the certificate with IIS tools,…
galinette
- 203
5
votes
2 answers
how to create a SSL certificate chain from my own CA?
I use my own CA to create SSL certs for services in my infra. These certs are signed directly by my CA.
It comes to me that this is likely a weak strategy, as if the cert was to be compromised, I need to create new ones from the one CA. If the CA…
MrE
- 428
4
votes
3 answers
Does filling out the Country Name, State etc. matter when creating a self-signed certificate for Postfix?
When I set up Postfix I have to create a cert because the snakeoil cert included with Postfix is there strictly for the purpose of demonstration. I use this command:
sudo openssl req -x509 -newkey rsa:4096 -sha512 -keyout postfix-key.pem -out…
Harold Fischer
- 279
4
votes
1 answer
How to make wget trust my self signed certificate (without using --no-check-certificate)?
Ubuntu 12.04
OpenSSL 1.0.1 14
Wget 1.13.4
My setup:
create our own CA (our_own_ca.crt)
generate a certificate which is signed with the above CA (graphite.local.crt)
Concatenate that cert and the CA cert into a bundle file
Nginx…
quanta
- 52,423
3
votes
1 answer
x509 certificate not valid for any names when added IP address to openssl.cnf
A self-signed certificate works well while the command used to generate it on a ubuntu machine is:
openssl req -x509 -newkey rsa:4096 -keyout private.key -out cert.crt -days 365 -nodes
If the client side uses an IP address instead of the domain…
minghua
- 181
3
votes
0 answers
The revocation function was unable to check revocation for the certificate 0x80092012
Please help me to deal with self-signed revocation check
I've used makecert.exe to create root and client certificate
The problem is that certutil fails to check certificate with error
The revocation function was unable to check revocation for the…
oleksa
- 130
3
votes
2 answers
How to certify a self-signed imap email server
My task is to retrieve emails from an imaps email server using Java so as a client I need to authenticate the email server using an appropriate certificate. It seems however, that this email server is using a self-signed certificate which does not…
Eugene S
- 390
3
votes
4 answers
How could I prevent NetExtender Cli to asking certificate confirmation?
Our company is using self-signed SonicWall for firewall facility. And remote clients needs to be connect to internal network through VPN via NetExtender client.
Some of the clients are using Linux OS without Desktop Environment on purpose.
There is…
Sencer H.
- 612
- 1
- 9
- 18