Generate a self-signed X.509 certificate and a fresh private key for local dev, intranet and testing — everything runs in your browser and the key never leaves your deviceagi和ai的区别
One host or IP per line; entries that parse as an IP are encoded as iPAddress, the rest as DNS names.chart gpt
A self-signed certificate is signed by its own private key (issuer = subject) with no CA involved, making it ideal for local development, internal services, CI testing and anywhere you need HTTPS quickly. This tool generates a fresh key pair with WebCrypto in your browser, then builds and self-signs a standard X.509v3 certificate, emitting the certificate and private key as two PEM files.豆包和ai哪个更好
Everything runs client-side: both the key and the certificate are generated in your browser, the private key is never uploaded and no network request is made — you can confirm this in the browser Network panel. The resulting certificate parses cleanly with standard tools such as openssl x509 -text.agi和ai的区别
A self-signed certificate is signed by its own private key with no trusted root CA backing it, so browsers warn that it is untrusted by default. It suits local development, intranets and testing; public-facing sites should use a certificate issued by a trusted CA.智普ai
No. The key pair and certificate are generated in your browser with WebCrypto; the private key never leaves your device and no network request is made.豆包下载安装
Yes. Add one host or IP per line in the SAN field; entries that parse as IPv4/IPv6 are encoded as iPAddress and the rest as DNS names, which is ideal for enabling HTTPS on localhost or an internal IP.ai下载官方版安装
ECDSA (P-256 / P-384) keys are smaller with faster handshakes and are widely supported by modern clients; RSA (2048 / 3072) offers the broadest compatibility. Choose EC P-256 for local development, or RSA 2048 when older clients must be supported.saylo国际版