Self Signed Certificates
It is recommended to avoid using self-signed certificates in production. ...we can't always adhere to what is recommended. ...sometimes, that's for a very good reason.
Generating Self-Signed Certificates¶
There are a plethora of ways! Here are a few that I like:
cd $(mktemp -d) && pwd # Create a temp directory and change into it openssl req -newkey rsa:2048 -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key chmod o-r gitlab.key
The command line is great but
openssl can be a bit much if you just want to do the thing so you can move on to what you're really trying to do. I like TinyCA for those moments. It's a little GUI wrapper for
openssl that makes generating self-signed certs a little less like casting a spell. There's also
Smallstep has a free for dev certificate management solution that seems interesting.