just change out app_name for your purposes
openssl genrsa 2048 > app_name-wildcard.key
openssl req -new -x509 -nodes -sha1 -days 3650 -key app_name-wildcard.key > app_name-wildcard.cert
# Common Name (eg, your name or your server's hostname) []:*.app_name.com
openssl x509 -noout -fingerprint -text < app_name-wildcard.cert > app_name-wildcard.info
cat app_name-wildcard.cert app_name-wildcard.key > app_name-wildcard.pem
chmod 644 app_name-wildcard.key app_name-wildcard.pem
we may want to change the life of the cert via teh -days switch as well as the keysize. what we really want is to create our own CA, which is easy.