Differences

This shows you the differences between two versions of the page.

--- networking:ssl-own-ca [2023/04/02 16:18] – oscar
+++ networking:ssl-own-ca [2023/04/02 16:39] (current) – [Creating CA-Signed Certificates for Your Dev Sites] oscar
@@ Line 1: / Line 1: @@
-====== Own SSL CA Authority for Local HTTPS ======
+====== SSL CA Authority for Local HTTPS ======
 When you generate a self-signed certificate the browser doesn’t trust it. It hasn’t been signed by a CA. The way to get around this is to generate our own root certificate and private key. We then add the root certificate to all the devices we own just once, and then all the self-signed certificates we generate will be inherently trusted.
+In the example below we create wild card certificates for our local domain (home.lan).
 ===== CA Key and Certificate =====
-==== Step 1: Create private key for local CA Certificate ====
+==== Step 1 : Create the CA Private Key ====
 To generate the private key to become a local CA execute:
   openssl genrsa -des3 -out Home-CA.key 2048
@@ Line 24: / Line 25: @@
 -rw-------  1 oscar oscar 1743 Apr  1 21:52 Home-CA.key
 </code>
-==== Step 2: Generate a root CA certificate ====
+==== Step 2: Generate the CA Root certificate ====
 Next, we generate a root certificate:
   openssl req -x509 -new -nodes -key Home-CA.key -sha256 -days 15000 -out Home-CA.pem
@@ Line 47: / Line 48: @@
 When you should see the following two files: Home-CA.key (your private key) and Home-CA.pem (your root certificate), you’re now a CA.
-===== Creating CA-Signed Certificates for Your Dev Sites =====
+===== Creating CA-Signed Certificates for internal Lan =====
 Now we’re a CA on all our devices and we can sign certificates for any new dev sites that need HTTPS.
 ==== Step 1: Create a Private Key ====