4

I am using openssl (on windows) to create a csr to go with a (test trial) Certificate. I have never done this before, and I have a question: After creating the private key, you create a csr file and you're asked to give personal information. One of the things it asks you is Common Name, which means domain name. I am presently only running off localhost. I am practicing how do create a https:// site.

Question: can I create a valid csr by doing something like localhost:82? If not, what should I do?

Brad Cupit
  • 6,530
  • 8
  • 55
  • 60
user1015214
  • 2,733
  • 10
  • 36
  • 66

1 Answers1

5

Simple answer: open your hosts file (C:\Windows\System32\drivers\etc\hosts) and come up with a fancy domain name:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#       ::1             localhost
127.0.0.1       localhost

127.0.0.1       example.com  # <<< Your fancy domain goes here !!!

Then, tell your webserver to serve HTTPS requests to example.com.

aefxx
  • 24,835
  • 6
  • 45
  • 55
  • Does it need to be www.example.com? Do I need to restart the computer or anything? And, if I am using port 82, not 80 (for technical reasons), does it have to be example.com:82? – user1015214 Jan 13 '13 at 23:36
  • No, you can name it anything you want (e.g. google.com is fine, too). The `hosts` file takes precedence over DNS look-up, so literally, choose whatever pleases you. To answer your other question: you don't specify a specifc port in a CSR, the common name is basically your domain or subdomain (if you want to secure www.example.com). – aefxx Jan 14 '13 at 00:07
  • Ok, thanks. I think I'll just use localhost itself for now, since it seems from what you said that thats just as good as example.com. I'll be generating a new key and csr anyways once I make this live. – user1015214 Jan 14 '13 at 01:15