Replace <hostname> with your site's primary name.
Generate the key:
openssl genrsa -out <hostname>.key 2048
Generate the certificate request:
openssl req -new -nodes -key <hostname>.key -out <hostname>.csr
You will be prompted to fill in some info
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]: <YOUR COUNTRY CODE>
State or Province Name (full name) [Some-State]: <YOUR STATE OR PROVINCE>
Locality Name (eg, city) []: <YOUR CITY>
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <YOUR COMPANY>
Organizational Unit Name (eg, section) []: <YOUR DEPARTMENT OR UNIT>
Common Name (e.g. server FQDN or YOUR name) []: <THE PRIMARY NAME OF YOUR SITE>
Email Address []: <YOUR TECHNICAL CONTACT EMAIL ADDRESS>
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: <CAN BE LEFT BLANK>
An optional company name []: <CAN BE LEFT BLANK>
Generate a self-signed certificate:
openssl x509 -req -days 365 -in <hostname>.csr -signkey <hostname>.key -out <hostname>.crt