Reputation: 259
Creating SSL sertificate with trusted CA
I'm not quite sure if this question applies to this forum but if it does maybe someone knows if it is possible using Open SSL to create a SSL sertificate that browsers wouldn't throw warning messadges that our created SSL sertificate is untrusted?
Upvotes: 1
Views: 457
Answers (2)
Reputation: 48606
This is probably better handled on server fault, but I will tell you that NO you cannot do this. The reason browsers don't like your certificate is that you are not a recognized certificate authority. As such, a browser will always warn about your certificate being untrustworthy, since the browser does not know who you are, or why anyone should trust you.
EDIT: As Alex K points out, you can install your certificate on machines you know will access your site, which works reasonably well for scenarios where the site will only be accessed by a limited number of known users/machines. My point still stands regarding wider distribution. Thanks, Alex.
Upvotes: 1
Reputation: 46094
Technically it is possible if you have CA's private key to sign the newly created certificate. As you probably don't have a key, the answer is probably no. Just go ahead and purchase a certificate from one of CAs. If you do minimal research, you will find that some CAs offer very affordable prices.
Upvotes: 1
Related Questions
- How to create a trusted self signed SSL certificate
- ssl cacertfile generation
- Error creating an SSL Certificate
- openssl create certificate and key
- Load CA Certificate to OpenSSL
- How to create a CA with openssl *with minimal power*
- SSL Certificate: how to setup CA to deal with certificate chain?
- How to generate SSL certificate using openSSL?
- I'd like to create SSL sertificates for my test environment
- Creating your own ca with open ssl in windows