openssl req -newkey rsa:4096 -nodes -keyout key.pem -x509 -days 3650 -out certificate.pem -sha256
openssl x509 -text -noout -in certificate.pem
openssl pkcs12 -inkey key.pem -in certificate.pem -export -out certificate.pfx
openssl pkcs12 -in certificate.pfx -noout -info
Links:
- Generating a self-signed certificate using OpenSSL
- Generate an OpenSSL Certificate Request with SHA256 Signature
- Create a .pfx/.p12 certificate file using OpenSSL
- StackOverflow on when OpenSSL isn’t cooperating (I didn’t have luck with this, so I generated my cert on OS X).
- (Requires installation of Windows SDK) How can I create self-signed certificate that is stronger than SHA-1?