Link to home
Start Free TrialLog in
Avatar of Matthew Cioffi
Matthew CioffiFlag for United States of America

asked on

Need to create an internal certificate for SSL

We are looking to create our own certificates that we can use for TEST servers in house.  Our application is accessed via web browser and we need to run QA through the application testing in HTTPS as well as HTTP.  We want to generate certificates internally so they do not expire.  We do not want to purchase certificates because these servers are not exposed to the internet and will never be, so we need to have a method of creating the certificate and then registering the CA on each workstation.  I think  we can use OpenSSL to do the generation, but who do i ensure that the clients will see the certificate properly, how would i register the CA on each station.  We will have mostly IIS and some Apache on Solaris and Linux.

Thanks.
ASKER CERTIFIED SOLUTION
Avatar of jose_juan
jose_juan
Flag of Spain image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Paranormastic
Paranormastic
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
For updating your clients - MS is easiest through GPO, or just double-click and run the wizard (vista/2008 click box to 'show physical stores') and put into the trusted root store.  For your other environments, refer here, again substituting for your CA:
http://wiki.cacert.org/wiki/ImportRootCert
http://wiki.cacert.org/wiki/BrowserClients
http://wiki.cacert.org/wiki/EmailCertificates
As said above using SelfSSL would be the best option. Check out this detailed tutorial with screenshots

Setting up SSL with a SelfSSL certificate on Windows Server 2003
http://www.visualwin.com/SelfSSL/