Self Signing CA for local dev
openssl req -x509 -nodes -newkey rsa:4096 -keyout ca.key -out ca.crt -days 365 -subj "/CN=poseidon"
Let an API be our server
openssl req -nodes -newkey rsa:2048 -keyout api.example.local.key -out api.example.local.csr -days 180 -subj "/CN=api.example.local"
openssl x509 -req -CAcreateserial -CA ca.crt -CAkey ca.key -days 180 -in api.example.local.csr -out api.example.local.crt
openssl pkcs12 -export -out api.example.local.pfx -inkey api.example.local.key -in api.example.local.crt
A frontend dashboard consuming the API can be our client
openssl req -nodes -newkey rsa:2048 -keyout example.local.key -out example.local.csr -days 90 -subj "/CN=example.local"
openssl x509 -req -CAcreateserial -CA ca.crt -CAkey ca.key -days 90 -in example.local.csr -out example.local.crt
openssl pkcs12 -export -out example.local.pfx -inkey example.local.key -in example.local.crt