Using make-dummy-cert to Create a Self-Signed Certificate to HTTPS enable an NGinx Served Website in CentOS – and other mouthfuls

Written by James McDonald

March 26, 2014

I’m using CentOS release 6.5 (Final). Located in /etc/pki/tls/certs is a file named “make-dummy-cert”

In the answers() section you can enter some reasonably valid content (see example below) and then run it with a target file name (I generally make the file the same as the domain you are creating the certificate for) . make-dummy-cert combines the cert and the key in one file.

/etc/pki/tls/certs/make-dummy-cert /etc/nginx/certs/ssl.example.com

This will create a combined certificate. On Nginx I think you need to specify the following to enable the SSL dummy cert

server {
    listen       443 ssl;
    server_name  localhost;

    ssl_certificate      /etc/nginx/certs/ssl.example.com;
    ssl_certificate_key  /etc/nginx/certs/ssl.example.com;

...

This is the content of make-dummy-cert just in case you want to use it on a non-redhatian OS.

#!/bin/sh
umask 077

answers() {
        echo --
        echo NSW
        echo Maitland
        echo "James McDonald IT Services"
        echo Hosting
        echo jmits.com.au
        echo james@jmits.com.au
}

if [ $# -eq 0 ] ; then
        echo $"Usage: `basename $0` filename [...]"
        exit 0
fi

for target in $@ ; do
        PEM1=`/bin/mktemp /tmp/openssl.XXXXXX`
        PEM2=`/bin/mktemp /tmp/openssl.XXXXXX`
        trap "rm -f $PEM1 $PEM2" SIGINT
        answers | /usr/bin/openssl req -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 2> /dev/null
        cat $PEM1 >  ${target}
        echo ""   >> ${target}
        cat $PEM2 >> ${target}
        rm -f $PEM1 $PEM2
done

 

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

You May Also Like…

How to Research a CPU Upgrade

How to Research a CPU Upgrade

Upgrade Time! Doing a lot of VMWare Workstation virtualization to create labs for self-study and training. Finding...