diff --git a/haini.sh b/haini.sh
index bb0bcfd..c52a7df 100755
--- a/haini.sh
+++ b/haini.sh
@@ -55,6 +55,54 @@ correr() {
 /bin/sh -l -c "$1" < "${stdin:-/dev/null}"
 }
+generar_certificado() {
+ chmod 700 "$ENTORNO/etc/ssl/private"
+
+ ca_key="/etc/ssl/private/ca-sutty.key"
+ ca_crt="/etc/ssl/certs/ca-sutty.crt"
+
+ domain_key="/etc/ssl/private/sutty.local.key"
+ domain_csr="/etc/ssl/private/sutty.local.csr"
+ domain_crt="/etc/ssl/certs/sutty.local.crt"
+
+ if test -f "$DIR/../sutty.local/domain/sutty.local.crt"; then
+ SUTTY_LOCAL="$DIR/../sutty.local"
+
+ echo "Migrando certificados de sutty.local..."
+
+ cp "$SUTTY_LOCAL/ca/key.key" "$ENTORNO$ca_key"
+ cp "$SUTTY_LOCAL/ca/crt.crt" "$ENTORNO$ca_crt"
+
+ cp "$SUTTY_LOCAL/domain/sutty.local.key" "$ENTORNO$domain_key"
+ cp "$SUTTY_LOCAL/domain/sutty.local.csr" "$ENTORNO$domain_csr"
+ cp "$SUTTY_LOCAL/domain/sutty.local.crt" "$ENTORNO$domain_crt"
+ return
+ fi
+
+ echo "Generando certificados..."
+
+ correr "openssl genpkey -algorithm RSA -pass pass:sutty -out $ca_key"
+ correr "openssl req -x509 -new -nodes -key $ca_key -sha256 \
+ -passin pass:sutty -passout pass:sutty \
+ -subj '/C=IN/ST=Cyberspace/L=Cyberspace/O=Sutty/OU=Espacio/CN=Sutty Local CA' \
+ -days 3650 -out $ca_crt"
+
+ correr "openssl req -nodes -newkey rsa:2048 -keyout $domain_key -out $domain_csr \
+ -subj '/C=IN/ST=Cyberspace/L=Cyberspace/O=Sutty/OU=Espacio/CN=sutty.local/CN=*.sutty.local'"
+ correr "openssl x509 -req -in $domain_csr \
+ -CA $ca_crt -CAkey $ca_key -CAcreateserial \
+ -out $domain_crt -days 3650 -sha256"
+
+ echo "Instalando certificados..."
+ if which update-ca-certificates 2>/dev/null; then
+ sudo install -Dm 644 "$ENTORNO$ca_crt" /usr/share/ca-certificates/extra/sutty.crt
+ sudo dpkg-reconfigure ca-certificates
+ sudo update-ca-certificates
+ else
+ sudo trust anchor "$ENTORNO$ca_crt"
+ fi
+}
+
 crear_entorno() {
 ALPINE="3.13.5"
 ALPINE_URL="https://dl-cdn.alpinelinux.org/alpine/v${ALPINE%.*}/releases/x86_64/alpine-minirootfs-${ALPINE}-x86_64.tar.gz"
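Review bot: The CA private key created in `generar_certificado` is stored unencrypted and the CA is valid for every hostname, yet the same function installs that CA into the host trust store through `sudo update-ca-certificates` or `sudo trust anchor`. `openssl genpkey` receives `-pass pass:sutty` but no cipher option, so the passphrase is not applied to the key file, and it is hardcoded in the script in any case; whatever can read `$ENTORNO/etc/ssl/private/ca-sutty.key` holds a signing key this machine trusts for ten years. I would restrict the CA to the local domain by adding `-addext 'nameConstraints=critical,permitted;DNS:sutty.local'` to the `req -x509` call, and set `umask 077` before the `cp`/`openssl` steps or remove the CA key once `sutty.local.crt` is signed. Separately, the domain certificate names its hosts only through two CN values and has no subjectAltName, which current TLS clients generally require, so the `openssl x509 -req` line likely needs an `-extfile` carrying `subjectAltName=DNS:sutty.local,DNS:*.sutty.local`.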
@@ -104,6 +152,8 @@ crear_entorno() {
 for script in "$DIR/bin/"*; do
 install -m 755 "$script" "$ENTORNO/usr/local/bin/${script##*/}"
 done
+
+ test -f "$ENTORNO/etc/ssl/certs/sutty.local.crt" || generar_certificado
 }
 crear_entorno
diff --git a/packages b/packages
index 34fc026..b1a4d57 100644
--- a/packages
+++ b/packages
@@ -3,7 +3,6 @@ daemonize
 ffmpeg
 file
 git
-gnutls-utils
 less
 libssh2
 libxml2
@@ -14,6 +13,7 @@ nano-syntax
 ncurses-terminfo
 nginx
 nodejs
+openssl
 postgresql
 postgresql-contrib
 postgresql-libs
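Review bot: In the `crear_entorno` hunk of haini.sh, the guard looks only at the domain certificate, so an environment where `sutty.local.crt` exists but `sutty.local.key` or the CA files are missing is treated as complete. The steps inside `generar_certificado` do not check exit status either, so a run that fails part-way would apparently still reach the `sudo` trust-store install, and the next run would generate a new CA and install it again, possibly leaving the earlier one trusted on the host. I would test for the key as well, `test -f "$ENTORNO/etc/ssl/private/sutty.local.key" && test -f "$ENTORNO/etc/ssl/certs/sutty.local.crt" || generar_certificado`, and have `generar_certificado` return non-zero at the first failed step. `crear_entorno` begins outside this hunk, so a `set -e` earlier in the script would not be visible here.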