To access and sync my Owncloud's calendar and contacts with my Android
phone in a (more-or-less) secure manner through HTTPS, I needed to get a
SSL/TLS certificate. Or precisely: a self-signed root CA (Certification
Authority) certificate.
After searching for Howtos and creating a bunch of CA certificates,
normal certificates, signing them, signing them vice-versa etc. -- yes,
I don't really have a clue -- I mostly run into one of these errors:
- when signing normal cert with CA cert: "not self-signed"
- when self-signing normal cert with itself: "no Basic Constraint CA flag"
Then I finally found (https://langui.sh/2009/01/18/openssl-self-signed-ca/)
this one-liner that does the job just fine::
$ openssl req -newkey rsa:2048 -days 365 -x509 -nodes -out root.cer
Make sure to use the domain name you want to use this certificate on as
the Common Name (CN).
This creates a certificate file (named as defined in the -out parameter)
and a key file, named 'privkey.pem' in my case. I had to upload this to
in the admin interface of my shared hoster, and 5 minutes later the
certificate was installed and accepted by DAVDroid, the Android syncing
app.