Create a CA with OpenSSL on Windows ๐
Learn how to create a Certificate Authority using OpenSSL on Windows with step-by-step commands and download link.
The Network Viking
1.5K views โข Oct 19, 2025
About this video
OpenSSL download link:
https://slproweb.com/products/Win320penSSL.html
COMMANDS:
Generate the CA private key:
openssl genpkey -algorithm RSA -aes256 -out private/ca.key -pkeyopt rsa_keygen_bits:4096
Generate the self-signed CA certificate:
openssl req -new -x509 -days 3650 -key private/ca.key -out TheNetworkViking.crt -config openssl.cnf
Replace TheNetworkViking.crt with the name you want to provide to your self-signed CA cert (make sure to update the cnf file as well accordingly)
Generate a private key for the server/client:
openssl genpkey -algorithm RSA -out requests/tnv.key -pkeyopt rsa_keygen_bits:2048
Replace tnv.key with an appropriate name (e.g., webserver1.key, client1.key, etc).
Create a CSR for the server/client:
openssl req -new -key requests/tnv.key -out requests/tnv.csr -config openssl.cnf
Sign the CSR with your CA:
openssl ca -config openssl.cnf -policy policy_loose -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
OR
openssl ca -config openssl.cnf -policy policy_strict -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
The config file has been shared on my Telegram channel.
Connect with me on thenetworkviking13@gmail.com
Join this channel to support my work:
https://www.youtube.com/channel/UCK8xfX6yz8vxveL7EE-fC9w/join
For more tech tutorials and cybersecurity tips, don't forget to like, share, and subscribe to my channel.
Connect with me on my social media for more updates and tips:
LinkedIn: www.linkedin.com/in/ahsan-abbas
Instagram: www.instagram.com/thenetworkviking/
Telegram: https://t.me/+XMvlae74cA9lYTRl
Twitter: twitter.com/TheNetworkVikin
If you have any questions or need further clarification, leave a comment below. Thanks for watching!
https://slproweb.com/products/Win320penSSL.html
COMMANDS:
Generate the CA private key:
openssl genpkey -algorithm RSA -aes256 -out private/ca.key -pkeyopt rsa_keygen_bits:4096
Generate the self-signed CA certificate:
openssl req -new -x509 -days 3650 -key private/ca.key -out TheNetworkViking.crt -config openssl.cnf
Replace TheNetworkViking.crt with the name you want to provide to your self-signed CA cert (make sure to update the cnf file as well accordingly)
Generate a private key for the server/client:
openssl genpkey -algorithm RSA -out requests/tnv.key -pkeyopt rsa_keygen_bits:2048
Replace tnv.key with an appropriate name (e.g., webserver1.key, client1.key, etc).
Create a CSR for the server/client:
openssl req -new -key requests/tnv.key -out requests/tnv.csr -config openssl.cnf
Sign the CSR with your CA:
openssl ca -config openssl.cnf -policy policy_loose -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
OR
openssl ca -config openssl.cnf -policy policy_strict -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
The config file has been shared on my Telegram channel.
Connect with me on thenetworkviking13@gmail.com
Join this channel to support my work:
https://www.youtube.com/channel/UCK8xfX6yz8vxveL7EE-fC9w/join
For more tech tutorials and cybersecurity tips, don't forget to like, share, and subscribe to my channel.
Connect with me on my social media for more updates and tips:
LinkedIn: www.linkedin.com/in/ahsan-abbas
Instagram: www.instagram.com/thenetworkviking/
Telegram: https://t.me/+XMvlae74cA9lYTRl
Twitter: twitter.com/TheNetworkVikin
If you have any questions or need further clarification, leave a comment below. Thanks for watching!
Video Information
Views
1.5K
Duration
15:15
Published
Oct 19, 2025
User Reviews
3.7
(1) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.