Can I use this certificate in production?

Self-signed certificates are not trusted by browsers or operating systems by default. They are suitable for development, testing, and internal services.

Why provide an openssl command instead of the cert?

Building a complete X.509 ASN.1 structure in the browser without a library is extremely error-prone. The openssl approach is reliable and gives you a properly formed certificate.

RSA Key Pair + OpenSSL Command

Generate an RSA key pair and get the OpenSSL command to create a self-signed certificate.

Common Name (CN)

Organization (O)

Country (C, 2 letters)

State (ST)

Locality (L)

Validity (days)

Key size:

Related Tools

#RSA Key Generator

Generate RSA key pairs (2048 or 4096-bit) and export as PEM in your browser.

#CSR Generator

Fill in your details and get a ready-to-run openssl command to generate a CSR and key.

#PEM Key Parser

Paste a PEM private or public key to detect its type, algorithm, and key size.

FAQ

Can I use this certificate in production?: Self-signed certificates are not trusted by browsers or operating systems by default. They are suitable for development, testing, and internal services.
Why provide an openssl command instead of the cert?: Building a complete X.509 ASN.1 structure in the browser without a library is extremely error-prone. The openssl approach is reliable and gives you a properly formed certificate.

Generate an RSA-2048 or RSA-4096 key pair using Web Crypto and export both keys as PEM. Because constructing a full X.509 ASN.1 structure in the browser is extremely complex, this tool also generates the exact openssl command pre-filled with your subject details, so you can create the self-signed certificate locally with a single command.