Skip to main content
L
Loopaloo
Buy Us a Coffee
All ToolsImage ProcessingAudio ProcessingVideo ProcessingDocument & TextPDF ToolsCSV & Data AnalysisConverters & EncodersWeb ToolsMath & ScienceGames
Guides & BlogAboutContact
Buy Us a Coffee
L
Loopaloo

Free online tools for developers, designers, and content creators. All processing happens entirely in your browser - your files never leave your device. No uploads, no accounts, complete privacy.

support@loopaloo.com

Tool Categories

  • Image Tools
  • Audio Tools
  • Video Tools
  • Document & Text
  • PDF Tools
  • CSV & Data
  • Converters
  • Web Tools
  • Math & Science
  • Games

Company

  • About Us
  • Contact
  • Blog
  • FAQ

Legal

  • Privacy Policy
  • Terms of Service
  • Disclaimer

Support

Buy Us a Coffee

© 2026 Loopaloo. All rights reserved. Built with privacy in mind.

Privacy|Terms|Disclaimer
  1. Home
  2. Web Tools
  3. Self-Signed Certificate Generator
Add to favorites

Self-Signed Certificate Generator

Generate self-signed SSL/TLS certificates for local development and testing. Includes Subject Alternative Names support

Need a self-signed certificate for local development or internal testing? Generate one here in seconds, set the domain, validity period, and key type, then download the cert and key pair.

Runs in your browser and files never uploadedMore web toolsJump to full guide

Related reading

  • Understanding SSL/TLS Certificates: How HTTPS Keeps the Web Secure14 min read

Initializing in your browser…

You might also like

CSR Generator

Generate Certificate Signing Requests (CSR) for SSL/TLS certificates with RSA key pairs. Submit to CAs for certificate issuance

Certificate Decoder

Decode and analyze PEM-encoded X.509 SSL/TLS certificates. View subject, issuer, validity, extensions, and fingerprints

SSL Certificate Checker

Check if a website has valid SSL/TLS certificate. Verify HTTPS connection and get tools for detailed certificate analysis

Self-Signed Certificate Generator: a worked example

You need HTTPS on a local dev box (https://localhost:8443) without paying a CA or fighting an internal PKI.

Inputs

CN localhost · SAN localhost, 127.0.0.1 · Validity 365 days · Key RSA 2048
Self-Signed Certificate Generator produces

Cert + key (PEM)

-----BEGIN CERTIFICATE-----  (server.crt, self-signed)
-----BEGIN PRIVATE KEY-----  (server.key, load into your dev server)

Note: browsers will warn "not trusted" until you add this cert
to your OS/browser trust store, expected for self-signed.

A self-signed certificate is signed by its own key rather than a trusted CA, which is perfectly fine for local development and internal testing. Including `127.0.0.1` and `localhost` as SANs is essential, modern browsers reject certs that lack a matching SAN even on localhost. Everything is generated client-side.

What is Self-Signed Certificate Generator?

Need a self-signed certificate for local development or internal testing? Generate one here in seconds, set the domain, validity period, and key type, then download the cert and key pair.

How to use

  1. 1Enter the Common Name (e.g., localhost or an internal hostname).
  2. 2Set the validity period in days.
  3. 3Choose RSA or ECDSA and the key size.
  4. 4Download the certificate and private key.

Key features

  • RSA and ECDSA key types
  • Custom validity period
  • SAN support for multiple hostnames
  • PEM-formatted cert and key output
  • Client-side generation

Common use cases

  • Local HTTPS development

    Run your dev server over HTTPS without buying a certificate or setting up Let's Encrypt locally.

  • Internal service TLS

    Encrypt traffic between internal services on a private network where public CA trust isn't needed.

  • Testing TLS configurations

    Generate throwaway certs to test server TLS settings, cipher suites, and client certificate validation.

Frequently asked questions

Will browsers trust a self-signed certificate?

Not by default. You'll see a security warning that you can bypass for development. For production, use a certificate from a trusted CA.

How long should the validity period be?

For local dev, 365 days is typical. For internal services, match your organization's certificate rotation policy.

Private by design

This runs as client-side JavaScript. Keys, tokens, payloads, and other inputs never leave your device.