Generating a Self Signed Wild Card SSL Cert
As I have many domains and services on too many servers, I found it easier to use one shared self generated wildcard SSL which I’ve added trust keys into client devices.
Here’s just a quick run down of the steps:
mkdir /etc/ssl/andrewklau.com cd /etc/ssl/andrewklau.com openssl genrsa 2048 > andrewklau.key # Last for 10 years openssl req -new -x509 -nodes -sha1 -days 3650 -key andrewklau.key > andrewklau.crt # When it asks for Common Name enter the wildcard *.andrewklau.com openssl x509 -noout -fingerprint -text &lt; andrewklau.crt &gt; andrewklau.info cat andrewklau.crt andrewklau.key &gt; andrewklau.pem chmod 400 andrewklau.key andrewklau.pem
Now backup these files to a centralized location. There should be 4 generated files.
Installing it to any other server is as easy as every other guide out there, you have your .pem, .crt and .key