I'm using CentOS release 6.5 (Final). Located in /etc/pki/tls/certs is a file named "make-dummy-cert"
In the answers() section you can enter some reasonably valid content (see example below) and then run it with a target file name (I generally make the file the same as the domain you are creating the certificate for) . make-dummy-cert combines the cert and the key in one file.
/etc/pki/tls/certs/make-dummy-cert /etc/nginx/certs/ssl.example.com
This will create a combined certificate. On Nginx I think you need to specify the following to enable the SSL dummy cert
server { listen 443 ssl; server_name localhost; ssl_certificate /etc/nginx/certs/ssl.example.com; ssl_certificate_key /etc/nginx/certs/ssl.example.com; ...
This is the content of make-dummy-cert just in case you want to use it on a non-redhatian OS.
#!/bin/sh umask 077 answers() { echo -- echo NSW echo Maitland echo "James McDonald IT Services" echo Hosting echo jmits.com.au echo [email protected] } if [ $# -eq 0 ] ; then echo $"Usage: `basename $0` filename [...]" exit 0 fi for target in $@ ; do PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` trap "rm -f $PEM1 $PEM2" SIGINT answers | /usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 2> /dev/null cat $PEM1 > ${target} echo "" >> ${target} cat $PEM2 >> ${target} rm -f $PEM1 $PEM2 done
0 Comments