22 Oct How to create a self-signed SSL certificate using CertReq
Configuring any Web service to work over HTTP using SSL is a good idea.
We certainly recommend it for BackupAssist’s Multi-site Manager (BAMM) and in this post I’ll show you how to create an SSL certificate you can then bind this kind of service to.
There is an SSL setup guide linked in the BAMM software however that requires you a) have a server operating system and b) is a little long-winded.
The alternative which I find only take a few seconds, is to use the built-in Windows command tool ‘CertReq’.
First create a config file
The first thing we need is a simple text file, so lets name it ‘cert.txt’ and add the following lines:-
; At least one value must be set in this section
Subject = "CN=bamm.mydomain.com"
KeyLength = 2048
Exportable = TRUE
KeyAlgorithm = RSA
MachineKeySet = true
RequestType = Cert
Note: You’ll need to replace ‘bamm.mydomain.com’ with the Fully Qualified Domain Name (FQDN) record you wish to use for your SSL certificate. This can also be defined as an IP address if you only wish to use the service inside a private network.
The important bit is that we set
RequestType = Cert. This option indicates a self-signed or self-issued certificate. It does not generate a request, but rather a new certificate and then installs the certificate. Self-signed is the default.
Then create your certificate
To actually create the certificate, it’s as simple as running the following command:-
%Windir%\System32\certreq.exe -new cert.txt
This works well on Windows 7 and Windows 8 but it will also work on server-based operating systems too.
After the certificate has been created it should automatically be added to the local certificate store and should be listed within the BackupAssist MultiSite manager to use.