Self-Signed Certificate

Generate a self-signed X.509 RSA certificate (PEM) for dev / staging.

Common name (CN) Key size Valid days Extra SAN DNS names (comma-separated)

About this tool

Generate a brand-new RSA private key and self-signed X.509 certificate for any host. Output is PEM-encoded — copy directly into nginx / Apache / Caddy. Production traffic should always use a CA-issued certificate.