Create self-signed SSL certificate for Nginx


First of all create the server key:

openssl genrsa -des3 -out self-signed.key 2048

Enter a password twice and note it!

Create the CSR (when requested, enter the password that you used above):

openssl req -new -key self-signed.key -out self-signed.csr

Answer the questions and put your domain name that you want to use the certificate for as "Common Name".

Remove the passphrase (you'll need the password that you noted above):

cp self-signed.{key,orig}
openssl rsa -in self-signed.orig -out self-signed.key
rm -f self-signed.orig

Create the certificate:

openssl x509 -req -days 365 -in self-signed.csr -signkey self-signed.key -out self-signed.crt

You can then use your new certificate in your nginx vhost like this:

server {
...
ssl_certificate      /path/to/self-signed.crt;
ssl_certificate_key  /path/to/self-signed.key;
...
}