DOT NET developer blog: Create Self Signed Certificate

Scenario: Scan your website for SSL vulnerabilities

Solution:

Create Self Signed Certificate

Below are the steps:

mmc -> Add/Remove Snap-ins -> Certificates -> Computer Account -> Finish -> Ok
Certificates -> Personal -> Certificates -> Request New Certificate -> Active Directory Enrollment Policy -> Web Server 2010 -> Certificate Properties
Name - {cert_name}
Subject name:

Common name - *.subdomain.domain.com
Email - test@test.com
Organzation - Test

Alternative name:

DNS - my.site1.test.com
DNS - my.site2.test.com
DNS - my.site.test.com
ipv 6: - ip address

Certificate is now available.
IIS -> Web Site -> Bindings -> 443 -> SSL certificate

Use Open SSL to create certificate:

>openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr -config ssl.conf

>openssl x509 -req -in server.csr -signkey server.key -out server.crt

>openssl pkcs12 -export -out gfcclocal.pfx -inkey server.key -in server.crt

[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = NY
L = New York
O = Test, Inc.
OU = MyDivision
CN = *.cloud.test.com
[v3_req]
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = my.site.test.com
DNS.2 = my.site1.test.com
DNS.3 = my.site2.test.com
DNS.4 =  ip address

DOT NET developer blog

Create Self Signed Certificate

Scenario: Scan your website for SSL vulnerabilities

Solution:

No comments:

Post a Comment

Move Github Sub Repository back to main repo