openssl genpkey -algorithm ed25519 -out ssl.pkey
OpenSSL Usage Notes
Create a self-signed TLS cert
-
Create a private key (PEM encoded)
-
To create a certificate we need to request one to a CA (in this case
-
ourselves). Create a CSR (Certificate Signing Request), fill it
-
(interactiverly) with details of the cert to generate and sign it with our
-
private key.
openssl req -new -key ssl.pkey -out csr
-
(Wears the CA hat)
-
Accept the CSR, generate the requested cert, make it last 1y, and sign it with our private key
openssl x509 -req -in csr -signkey ssl.pkey -days 365 -out domain.crt