minio/docs/configure-minio-with-gnutls-windows.md

Generate self signed certificate with GnuTLS under Windows

1. Install GnuTLS

Download and decompress the Windows version of GnuTLS from here

Add the directory gnutls-3.4.9-w64/bin to your PATH environment and restart your console

2. Generate private.key

Run the following command to create private.key

certtool.exe --generate-privkey --outfile private.key 

3. Generate public.crt

The easiest way is to generate certificate is to specify its information under a file. You can find an example below. We'll call that file cert.cnf.

# X.509 Certificate options
#
# DN options

# The organization of the subject.
organization = "Example Inc."

# The organizational unit of the subject.
#unit = "sleeping dept."

# The state of the certificate owner.
state = "Example"

# The country of the subject. Two letter code.
country = "EX"

# The common name of the certificate owner.
cn = "Sally Certowner"

# In how many days, counting from today, this certificate will expire.
expiration_days = 365

# X.509 v3 extensions

# DNS name(s) of the server
dns_name = "localhost"

# (Optional) Server IP address
ip_address = "127.0.0.1"

# Whether this certificate will be used for a TLS server
tls_www_server

# Whether this certificate will be used to encrypt data (needed
# in TLS RSA ciphersuites). Note that it is preferred to use different
# keys for encryption and signing.
encryption_key

Now, it is time to generate the public certificate using this command:

certtool.exe --generate-self-signed --load-privkey private.key --template cert.cnf --outfile public.crt 

That's it.