Basic Creation of OpenSSL Self-Signed Certificate:

This example will produce a file called mycert.pem which will contain both the private key and the public certificate based on it. The certificate will be valid for 365 days, and the key (thanks to the -nodes option) is unencrypted.


To create a certificate to send to a Certificate Authority for licensing:

openssl req -new > cert.csr
openssl rsa -in privkey.pem -out key.pem
openssl x509 -in cert.csr -out cert.pem -req -signkey key.pem -days 1001
cat key.pem>>cert.pem


To create a self-signed certificate:

one step:
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout mycertname.key -out mycertname.crt

or two steps:
openssl req -new > mycertname.csr
openssl req -x509 -in mycertname.csr -nodes -days 3650 -newkey rsa:4096 -keyout mycertname.key -out mycertname.crt