Self-issued SSL Certificates for Servers To clearly say upfront: SSL Certificates could be a costly 'Game'! There a lot companies who selling SSL (Secure Sockets Layer) Certificates for to provide secure connections via the Internet and Intranet, as well as even in an LAN (Local Area Network). SSL is an standard security technology which places an encrypted link between an browser and an webserver. Those SSL Certificates cost quite a lot and will need to be paid in advance for for at least 1 year and need to be paid again if the SSL Cert will be used for longer peirods. There several levels of SSL Certificates called Class: Class 1 for individuals, intended for email. Class 2 for organizations, for which proof of identity is required. Class 3 for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing certificate authority. Class 4 for online business transactions between companies. Class 5 for private organizations or governmental security As higher the Class, as higher the cost!! Except Class1, all other need Identification proof, real Identification proof! For to keep the cost low, special for beginners, there is an way for to use Self-issued SSL Certificates free of cost. It has an disadvantage: the users browsing your site will get a warning each time saying that the certificate is not trusted by a known CA and that could scare them away. As long as the user know why that message appears, it wouldn't be a problem because and in fact, the user still connect to an secure site and/or server. Just an Self-issued SSL Certificate isn't recommended for more than just 'private' use! Just, the Self-issued SSL Certificates are great for to learn the basics of secure connections via Internet and Intranet. For to use an Self-issued SSL Certificate, you'll need to use an small apps openssl.exe (download from here: https://mega.co.nz/#!VsAxXTQA!fL1jswbE-LI32spG8eEy4IgFkbS97QXFjvOG-r2E7Sg. Extract the archive to the folder of your Server apps. Create using Notepad and textfile called makecert.bat with the following content: Code: @echo off echo ---------------------- Generating SSL Server Key ---------------------- openssl genrsa -rand efsws_rand.txt -out ServerKey.pem 2048 echo ------------ Generating self-issued SSL Server Certificate ------------ openssl req -new -key ServerKey.PEM -out ServerCert.pem -x509 -config openssl.cnf -days 365 echo -------- SSL Server key and self-issued certificate generated --------- Save the file as makecert.bat and run it as Administrator. There will be several questions asked which you could use to provide the infos which should be used. After that's done, 2 files will be created: your private y as ServerKey.pem your Self-issued Certificate as ServerCert.pem Both file must be on root of your server apps, that's why the RAR Archive should be extracted to there and also the makecert.bat should be located there. Note: makecert.bat will create an SSL Cert 2048bit! Also don't forget to set your server for https top port 443 and forward that port in your Router correctly. ************************************************************ If you like to use an CA for to create an Free Class1 (or higher, costly) SSL Certificate, look at https://www.startssl.com which will give you an free SSL for 1 year, which you could extend every year. Be aware by using and CA about the Rules, read all of those BEFORE start using any of the CA SSL Certificates! Even an FRee Class1 Cert could turn quite costly if not handled correctly!