Below are the steps and additional information used to generate self-signed certificate and keys for Apache Web server in XAMPP for Win32 platform.
#Step 1: Generate a Private Key
[root@localhost bin]#openssl genrsa -des3 -out server.key 1024
Loading ‘screen’ into random state – done
Generating RSA private key, 1024 bit long modulus
…………………………………………………++++++
……………………………………++++++
e is 65537 (0×10001)
Enter pass phrase for server.key: xxxxxxxx
Verifying – Enter pass phrase for server.key: xxxxxxxx
#Step 2: Generate a CSR (Certificate Signing Request)
[root@localhost bin]# openssl req -new -key server.key -config “/opt/lampp/etc/openssl.cnf”” -out server.csr
Enter pass phrase for server.key: xxxxxxxx
Loading ‘screen’ into random state – done
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]: IN
State or Province Name (full name) [Some-State]:CHD
Locality Name (eg, city) []:CHD
Organization Name (eg, company) [Internet Widgits Pty Ltd]: LuvUnix
Organizational Unit Name (eg, section) []:IT
Common Name (eg, YOUR name) []:localhost
Email Address []: Blank
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []: Blank
An optional company name []: Blank
#Step 3: Remove Passphrase from Key
[root@localhost bin]# copy server.key server.key.org
1 file(s) copied.
[root@localhost bin]# openssl rsa -in server.key.org -out server.key
Enter pass phrase for server.key.org:
writing RSA key
#Step 4: Generating a Self-Signed Certificate
[root@localhost bin]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Loading ‘screen’ into random state – done
Signature ok
subject=/C=IN/ST=CHD/L=CHD/O=LuvUnix/OU=IT/CN=localhost/emailAddress=
Getting Private key
#Step 5: Installing the Private Key and Certificate
[root@localhost bin]# copy server.crt /opt/lampp/etc/ssl.crt/
[root@localhost bin]# copy server.key /opt/lampp/etc/ssl.key/
#Step 6: Restart Apache and Test
Restart Apache
Credit :- latunyj.wordpress.com