I used to have a Word Press blog (I suppose I still do) and this was by far my most popular post. (A quick google search showed my code in a bunch of projects).
Often times, you need a keypair and certificate for a website, but you don't need it to be signed by a recognized CA. Here's how to do that in python. Note that the method below isn't the most current, since it's using the common name component of the certificate's Subject as the hostname, instead of the Subject Alternative Name. See rfc2818 for more information.
from socket import gethostname
from OpenSSL import crypto