Generate an AES256 certificate for encrypting email, such as with the Outlook client for Mac.

make-aes256-certificate.sh

password="SomeTopSecretPassword"
email="bill.wilder@example.com"

# openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem -subj "/CN=DevPartners/emailAddress=$email"
# generate .pem (full public/private certificate)
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem -subj "/emailAddress=$email"
# generate .pfx (full public/private certificate) from .pem
openssl pkcs12 -export -out mycert.pfx -inkey mycert.pem -in mycert.pem -passout pass:$password
# generate .cer (public key) from .pem
openssl x509 -inform pem -in mycert.pem -outform der -out mycert.cer

# informational probes
openssl pkcs12 -in mycert.pfx -nodes -passin pass:$pass | openssl x509 -noout -fingerprint
openssl x509 -in mycert.pem -noout -fingerprint
openssl x509 -in mycert.pem -noout -subject
openssl x509 -in mycert.pem -noout -text | grep "RSA Public Key"

# works on Mac:
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "./mycert.cer"