How to create a self-signed x509 certificate with private and public keys?

I am creating a "proof of concept" SSO using SAML2 and ADFS2 (IdP). Logging in works fine; however, ADFS2 requires that my exit request be signed (with a private key), and I assume I would then add the same certificate (.cer file) on the Signature tab in my trusted proxy parties in ADFS2. The only problem is that I do not have a certificate for my application (service provider). I understand that I can create a self-signed certificate for this purpose, but I cannot figure out how to create it with everything I need.

+5
2 answers

To create a self-signed certificate, you need the openssl library:

Debian: apt-get install openssl

CentOS / RedHat: yum install openssl

Then follow these steps:

  • Create a private key:

    openssl genrsa -out server.pem 1024

  • Generate CSR: (In the "Common Name" specify the domain of your service provider)

    openssl req -new -key server.pem -out server.csr

  • Create a self-signed certificate:

    openssl x509 -req -days 365 -in server.csr -signkey server.pem -out server.crt

At the end of the process, you will have server.csr (certificate signing request), server.pem (private key) and server.crt (self-signed cert).

In Windows you can use makecert.exe.

+6
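
The three openssl steps from the answer above can be collapsed into one `openssl req -x509` call, followed by checks that the exported `.cer` really carries the public half of the private key and is self-signed. This is an added example, not part of the original answer; the file names, the `www.example.com` CN and the 2048-bit key size (the steps above use 1024) are assumptions.

```sh
#!/bin/sh
# Added example: self-signed signing certificate for a SAML service provider.
# File names and the CN are placeholders chosen for this example.
set -eu

# make_sp_cert DIR CN [DAYS]
# Creates sp-key.pem (private key), sp-cert.pem (certificate, PEM) and
# sp-cert.cer (same certificate, DER) in DIR.
make_sp_cert() (
    dir=$1; cn=$2; days=${3:-365}
    mkdir -p "$dir"
    # Key generation, CSR and self-signing in one call; -nodes leaves the key
    # unencrypted, so restrict it to the owner straight away.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days "$days" \
        -subj "/CN=$cn" -keyout "$dir/sp-key.pem" -out "$dir/sp-cert.pem" \
        2>/dev/null
    chmod 600 "$dir/sp-key.pem"
    # DER-encoded copy: the public certificate to hand to the IdP.
    openssl x509 -in "$dir/sp-cert.pem" -outform DER -out "$dir/sp-cert.cer"
)

# cert_matches_key CERT KEY [PEM|DER]
# Succeeds only if CERT contains the public half of private key KEY.
cert_matches_key() (
    cert_pub=$(openssl x509 -in "$1" -inform "${3:-PEM}" -noout -pubkey) || exit 1
    key_pub=$(openssl pkey -in "$2" -pubout) || exit 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
)

# is_self_signed CERT
# Succeeds if subject equals issuer and the signature verifies with the
# certificate's own public key.
is_self_signed() (
    subj=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    iss=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    [ -n "$subj" ] && [ "$subj" = "$iss" ] &&
        openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
)

# Demo in a scratch directory.
demo=$(mktemp -d)
make_sp_cert "$demo" www.example.com 365
cert_matches_key "$demo/sp-cert.cer" "$demo/sp-key.pem" DER
is_self_signed "$demo/sp-cert.pem"
echo "certificate and key in $demo are consistent"
```

Keep `sp-key.pem` on the service provider only; `sp-cert.cer` contains no private material and is the file to register with the IdP.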

SelfSSL Windows, ADFS. , IIS7.

:

selfssl7.exe /N cn=www.example.com /K 2048 /V 3652 /X /F C:\example.pfx /W foo

example.pfx 2048- , ~ 10 , "foo", , "www.example.com". , .cer .

+4
