HOWTO: Creating a Self-Signed Certificate With multiple domain names

Steps on Debian:

  1. Install openssl with the command apt-get install openssl
  2. Uncomment the line # copy_extensions = copy in /etc/ssl/openssl.cnf
  3. Copy to your computer

    (The magic for the multiple names is in the subjectAltName bit)

  4. Change all instances of '' in that file to your domain name
  5. To generate the key you run the following command: openssl req -newkey rsa -config -x509 -days 1095 -nodes -out -keyout
  6. To test te certificate you can use the commandopenssl x509 -in -text
  7. point your webserver to the created files (for nginx see the ssl_certificate and ssl_certificate_key directives)