Creating a self-signed certificate (HTTPS)

phykell · 13 Jun 2006 at 15:44

I've got a firewall that provides a self-signed certificate. It isn't exactly inspiring so I thought I might provide my own. Obviously I want to do my own certificate as it's far too expensive to have a third party sign one for me, so is there a "best practice" to follow for such things and should I have one for each firewall/server I have?

Thanks for looking

csmager · 13 Jun 2006 at 16:02

Have a look at http://cert.startcom.org

They provide free SSL certificates, and their CA is already trusted by default in the next version of Firefox and Mozilla. IE and others are supposed to follow shortly.

phykell · 13 Jun 2006 at 16:45

Thanks, that looks fine for my company web site but I need one for my hardware firewall appliance. I went down the route of installing OpenSSL and creating my onw self-signed certificate but I got stuck at installation of my certificate because the firewall requires it in PKCS12 format. Basically I have to convert my .cer file to a .p12 file. There's a guide here: http://www.dylanbeattie.net/docs/openssl_iis_ssl_howto.html but it no longer recommends the given method for creating the PKCS12 version of the certificate.

Creating a self-signed certificate (HTTPS)

phykell

phykell

csmager

csmager

phykell

phykell