Self-Signed SSL Certificate Generator
Generate a self-signed SSL certificate and private key for development, testing or internal services. Download as PEM files ready for use with Nginx, Apache or any other server.
⚠️
For development and internal use only. Self-signed certificates are not trusted by browsers for public websites — visitors will see a security warning. For production sites, use a free certificate from Let's Encrypt instead.
Using the Generated Certificate
Nginx: ssl_certificate /path/to/cert.pem; ssl_certificate_key /path/to/key.pem;
Apache: SSLCertificateFile /path/to/cert.pem
Node.js: https.createServer({key, cert}, app)
What is a self-signed certificate?+
A self-signed certificate is an SSL/TLS certificate signed by its own creator rather than a trusted Certificate Authority (CA). Browsers do not trust them by default for public sites. They are ideal for localhost development, internal tools and testing environments.
How is this different from a real SSL certificate?+
Real certificates are signed by trusted CAs (DigiCert, Let's Encrypt etc.) and are trusted by all browsers automatically. Self-signed certificates require users to manually trust them. For public websites, always use Let's Encrypt (free) or a paid CA.
What are Subject Alternative Names (SANs)?+
SANs allow one certificate to cover multiple domains, subdomains or IP addresses. Modern browsers require SANs — Common Name alone is no longer sufficient. Add all hostnames and IPs your certificate needs to cover.
Is the generated private key secure?+
The key is generated in JavaScript using the Web Crypto API in your browser and never transmitted to our servers. Treat the private key as you would any credential — never share it or store it in a public location.