My weekend project - Create a self-signed SSL certificate instantly and for free

This is nice. I could see myself using it even though I normally do this on the command line, as this would be faster.<p>Comments:<p>* You're often too literal, especially given your audience is going to be largely people that find it too complex to do it manually themselves. People don't think of "common names", they think "url" or "hostname".<p>* Where's my back button?<p>* Again on the literal front, you've copied the OpenSSL descriptions of OU and stuff and expect the user to know what it is. Fill in sample data or placeholder so that it helps the user figure out what they want, should they want to customize it. Consider removing fields if no one cares.<p>* Do you even need the second screen? You could just put "domain name" and "secret key passphrase" on the front page and go straight to the download after that<p>* If you want to make it more helpful, on the download page have something like "What next?" and have some pointers to installation/configuration instructions.

Pretty cool, but there are a couple injection vulnerabilities when you make the cert.

Nice work. This is easier to share with someone than pointing them to openssl. Also, misspelled oxygen in "feedback is my oxigen".

as I stated the last time a site like this appeared on the front page: the third party running the site has your private key, so they can decrypt everything<p>are two openssl commands really that hard?<p>(yes it's a self signed cert, but it's still a bad idea)

You comments / suggestions / bug reports are very welcome. Thanks.

you could also integrate the paid verified ssl's into this. I remember generating it from godaddy was a pain.. by the way nice work.

I just sent an security issue (via github).