Create a CA with OpenSSL on Windows ๐
Learn how to create a Certificate Authority using OpenSSL on Windows with step-by-step commands and download link.

The Network Viking
1.5K views โข Oct 19, 2025

About this video
OpenSSL download link:
https://slproweb.com/products/Win320penSSL.html
COMMANDS:
Generate the CA private key:
openssl genpkey -algorithm RSA -aes256 -out private/ca.key -pkeyopt rsa_keygen_bits:4096
Generate the self-signed CA certificate:
openssl req -new -x509 -days 3650 -key private/ca.key -out TheNetworkViking.crt -config openssl.cnf
Replace TheNetworkViking.crt with the name you want to provide to your self-signed CA cert (make sure to update the cnf file as well accordingly)
Generate a private key for the server/client:
openssl genpkey -algorithm RSA -out requests/tnv.key -pkeyopt rsa_keygen_bits:2048
Replace tnv.key with an appropriate name (e.g., webserver1.key, client1.key, etc).
Create a CSR for the server/client:
openssl req -new -key requests/tnv.key -out requests/tnv.csr -config openssl.cnf
Sign the CSR with your CA:
openssl ca -config openssl.cnf -policy policy_loose -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
OR
openssl ca -config openssl.cnf -policy policy_strict -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
The config file has been shared on my Telegram channel.
Connect with me on thenetworkviking13@gmail.com
Join this channel to support my work:
https://www.youtube.com/channel/UCK8xfX6yz8vxveL7EE-fC9w/join
For more tech tutorials and cybersecurity tips, don't forget to like, share, and subscribe to my channel.
Connect with me on my social media for more updates and tips:
LinkedIn: www.linkedin.com/in/ahsan-abbas
Instagram: www.instagram.com/thenetworkviking/
Telegram: https://t.me/+XMvlae74cA9lYTRl
Twitter: twitter.com/TheNetworkVikin
If you have any questions or need further clarification, leave a comment below. Thanks for watching!
https://slproweb.com/products/Win320penSSL.html
COMMANDS:
Generate the CA private key:
openssl genpkey -algorithm RSA -aes256 -out private/ca.key -pkeyopt rsa_keygen_bits:4096
Generate the self-signed CA certificate:
openssl req -new -x509 -days 3650 -key private/ca.key -out TheNetworkViking.crt -config openssl.cnf
Replace TheNetworkViking.crt with the name you want to provide to your self-signed CA cert (make sure to update the cnf file as well accordingly)
Generate a private key for the server/client:
openssl genpkey -algorithm RSA -out requests/tnv.key -pkeyopt rsa_keygen_bits:2048
Replace tnv.key with an appropriate name (e.g., webserver1.key, client1.key, etc).
Create a CSR for the server/client:
openssl req -new -key requests/tnv.key -out requests/tnv.csr -config openssl.cnf
Sign the CSR with your CA:
openssl ca -config openssl.cnf -policy policy_loose -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
OR
openssl ca -config openssl.cnf -policy policy_strict -extensions server_cert -in requests/tnv.csr -out certs/tnv.crt
The config file has been shared on my Telegram channel.
Connect with me on thenetworkviking13@gmail.com
Join this channel to support my work:
https://www.youtube.com/channel/UCK8xfX6yz8vxveL7EE-fC9w/join
For more tech tutorials and cybersecurity tips, don't forget to like, share, and subscribe to my channel.
Connect with me on my social media for more updates and tips:
LinkedIn: www.linkedin.com/in/ahsan-abbas
Instagram: www.instagram.com/thenetworkviking/
Telegram: https://t.me/+XMvlae74cA9lYTRl
Twitter: twitter.com/TheNetworkVikin
If you have any questions or need further clarification, leave a comment below. Thanks for watching!
Video Information
Views
1.5K
Duration
15:15
Published
Oct 19, 2025
User Reviews
3.7
(1) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.
No specific trending topics match this video yet.
Explore All Trends