Create private key and signing request:
openssl genrsa 4096 > privatekey.pem
openssl req -new -key privatekey.pem -out csr.pem -config config.ini
The output looks like this:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:
State or Province Name (full name) [New York]:
Locality Name (eg, city) [New York]:
Common Name (eg, DOMAIN name) []:example.com
Create self-signed certificate (this one will be valid for 1 day):
openssl x509 -req -days 1 -in csr.pem -signkey privatekey.pem -out server.crt
Inspect certificate:
openssl x509 -in server.crt -noout -text