Skip to content

ssltestgen: Add script to generate local test ssl key+crt. #154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 26, 2025
Merged

ssltestgen: Add script to generate local test ssl key+crt. #154

merged 1 commit into from
Nov 26, 2025

Conversation

@cederom
Copy link
Contributor

@cederom cederom commented Nov 26, 2025
edited
Loading

Summary

  • Sometimes a HTTPS version of the site needs to be tested locally before PR is submitted (i.e. to detect HTTP hardcoded links and/or components from external sites ).
  • This script genrates local testing SSL key and certificate using openssl. No external tools or sites needs to be used.
  • Enter key password (used to sign crt and launch srv) and cert details. Then: bundle exec jekyll serve --ssl-cert server.crt --ssl-key server.key.

Impact

  • Only local testing when HTTPS/SSL also needs to be tested this script provides quickest possible way to generate self-signed certificate locally.
  • No external tools or sites needs to be used.

Testing

Tested on FreeBSD 14.3:

  1. Generate ssl server.key + server.crt:
% ./ssltestgen.sh
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:PL
State or Province Name (full name) [Some-State]:WAW
Locality Name (eg, city) []:WAW
Organization Name (eg, company) [Internet Widgits Pty Ltd]:CeDeROM
Organizational Unit Name (eg, section) []:R&D
Common Name (e.g. server FQDN or YOUR name) []:localhost
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Enter pass phrase for server.key:
Certificate request self-signature ok
subject=C = PL, ST = WAW, L = WAW, O = CeDeROM, OU = R&D, CN = localhost
  1. Start local Jekyll with ssl:
% bundle exec jekyll serve --ssl-cert server.crt --ssl-key server.key
(..)
Enter PEM pass phrase:
    Server address: https://127.0.0.1:4000
  Server running... press ctrl-c to stop.

@cederom
ssltestgen: Add script to generate local test ssl key+crt.
5982c7c 
* This script genrates local testing SSL key and certificate using openssl.
* Enter key password (used to sign crt and launch srv) and cert details.
* Then: `bundle exec jekyll serve --ssl-cert server.crt --ssl-key server.key`.

Signed-off-by: Tomasz 'CeDeROM' CEDRO <tomek@cedro.info>
@acassis
Copy link
Contributor

acassis commented Nov 26, 2025

@cederom please explain "Why?" in the summary. That is the goal here? ("and why?")

@cederom
Copy link
Contributor Author

cederom commented Nov 26, 2025

@acassis done :-) Should I also update the git commit message? :-)

@xiaoxiang781216 xiaoxiang781216 merged commit b4dcbf7 into apache:master Nov 26, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@acassis acassis acassis approved these changes

@xiaoxiang781216 xiaoxiang781216 xiaoxiang781216 approved these changes

@linguini1 linguini1 linguini1 approved these changes

@jerpelea jerpelea Awaiting requested review from jerpelea

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cederom @acassis @xiaoxiang781216 @linguini1