- Generate a private key
openssl genrsa -aes128 \
-out my-private.key 2048
- Generate a public key from private key
openssl rsa -pubout \
-in my-private.key
-out my-public.key
- Make a new certificate signing request
openssl req -new \
-key my-private.key \
-out my-request.csr
- Sign the certificate with your private key
openssl x509 -req -days 3 \
-in my-request.csr \
-signkey my-private.key \
-out my-certificate.crt
Merge files to create the pem file
cat my-certificate.crt my-private.key > my-certificate.pem