Download và cài đặt openssl:
https://slproweb.com/download/Win64OpenSSL-1_1_1d.exe
Tạo root CA certificate:
openssl genrsa -out rootCA.key 4096
openssl req -new -x509 -key rootCA.key -out rootCA.crt -days 365000 -sha512
Tạo website certificate:
openssl genrsa -out hoshizora.key 4096
openssl req -new -key hoshizora.key -out hoshizora.csr
openssl x509 -req -in hoshizora.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out hoshizora.crt -days 730 -sha512 -extfile hoshizora.ext
Nội dung file hoshizora.ext:
subjectAltName = @alt_names
[alt_names]
DNS.1 = hoshizora.com
DNS.2 = *.hoshizora.com
IP.1 = 127.0.0.1
Tạo self signed certificate:
openssl req -x509 -newkey rsa:4096 -keyout localhost.key -out localhost.crt -nodes -days 365 -subj "/CN=localhost" -addext "subjectAltName = DNS:localhost"
Tạo file certificate pfx cho IIS:
openssl pkcs12 -export -out hoshizora.pfx -inkey hoshizora.key -in hoshizora.crt