openssl-req:tldr:3d544
openssl-req: Generate a self-signed certificate and a corresponding key-pair, storing both in a file.
$ openssl req -new -x509 -newkey ${rsa}:${4096} -keyout ${filename-key} -out ${filename-cert} -subj "${-C=XX-CN=foobar}" -days ${365}
try on your machine
This command uses the openssl tool to generate a self-signed X.509 certificate. Let's break down the different components and options of the command:
req: This option specifies that we want to generate a certificate signing request (CSR) or a self-signed certificate.-new: This option indicates that we want to generate a new CSR or certificate.-x509: This option specifies that we want to generate a self-signed X.509 certificate.-newkey ${rsa}:${4096}: This option generates a new RSA private key with a key length of 4096 bits.-keyout ${filename-key}: This option specifies the filename to save the generated private key.-out ${filename-cert}: This option specifies the filename to save the generated certificate.-subj "${-C=XX-CN=foobar}": This option sets the subject (or identity) of the certificate. In this case, it sets the country (-C) to "XX" and the common name (-CN) to "foobar". Feel free to replace "foobar" with the desired common name and "XX" with the desired country code.-days ${365}: This option sets the validity period of the certificate in days, in this case, 365 days.
Overall, this command generates a new private key, a self-signed X.509 certificate, and saves them with the provided filenames. It sets the subject and validity period of the certificate according to the specified options.
This explanation was created by an AI. In most cases those are correct. But please always be careful and
never run a command you are not sure if it is safe.