Posted Saturday, September 11th, 2021
There are times as a developer when developing or testing out deployments, you need an SSL certificates to test integrations or identification with other services. A good example is when identfying your application with Azure Active Directory which allows you to authenticate with a certificate.
In this guide you will learn how to create a Self-Signed Certificate that you can use for such kind of authentication or connection.
Cygwin is a linux/unix sub system that will give you Unix/Linux utilities on the Windows environment it is installed in.
We will use OpenSSL which is a full toolkit for SSL and TLS secure connections. This toolkit comes bundled up with Cygwin. Download setup-x86_64.exe and install it. Follow the default steps and finish the install.
You do not need to select any more packages unless you need them. Also don't install cygwin in your root directory i.e. C:\
.
First create a private key for the certificate
openssl genpkey -out my-private-key-name.key -algorithm RSA -pkeyopt rsa_keygen_bits:2048
Create a certificate signing request (also CSR or certification request).
openssl req -new -key my-private-key-name.key -out my-private-key-csr-name.csr
Country Name (2 letter code) [XX]:.
State or Province Name (full name) []:.
Locality Name (eg, city) [Default City]:.
Organization Name (eg, company) [Default Company Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (eg, your name or your server hostname) []:{your-device-id}
Email Address []:
Check the the CSR that was generated in the above command.
openssl req -text -in my-private-key-csr-name.csr -noout
Sign the certificate and generate the public key to be given to remote peers that will connect with your host.
openssl x509 -req -days 365 -in my-private-key-csr-name.csr -signkey my-private-key-name.key -out my-public-key-name.crt
See key thumb print which you need when telling your system or apps to use the key.
openssl x509 -in my-public-key-name.crt -noout -fingerprint
Export your x509 certificate and private key to a pfx file which you can use to import the key set into a your windows or other environments.
openssl pkcs12 -export -out my-public-private-key.pfx -inkey my-private-key-name.key -in my-public-key-name.crt
On Windows, Click start
menu then Type run
and press Enter
Type mmc
and press Enter
or Click Ok
On the Console Root, Click File > Add / Remove Snap-in..
On the Add / Remove Snap-in Window, Find and Double click on Certificates. Choose My Current Account and Click Finish.
Click okay to go back to Console
Navigate to Certificate Current User
> Personal
> Certificates
.
Go to More Actions > Alls Tasks > Import.
On the import window, click next and browse files then select my-public-private-key.pfx
. Click Open and follow the wizard to finish.
You have now imported your certificate and it is ready for use on your windows machine.
Thank you for finding time to read my post. I hope you found this helpful and it was insightful to you. I enjoy creating content like this for knowledge sharing, my own mastery and reference.
If you want to contribute, you can do any or all of the following 😉. It will go along way! Thanks again and Cheers!