Generate ssl certificate in 1 quick step
I found most instructions on configuring SSL under web servers are a bit too complicated, especially on the part that generates the self-signed certificate. I’ve discovered a pretty simply way to do it [ reference ]
openssl req -new -x509 -days 3650 -keyout key.pem -out cert.pem -newkey rsa:2048 -subj "/CN=hostname.example.org"
Substitute hostname.example.org with the actual domain name, or even * if the certificate will be used in a virtual hosts setting.
Take apache for example, the resulting cert.pem and key.pem from the above commands can then be used in the ssl-enabled vhost configuration as below:
...
SSLCertificateFile /path/to/cert.pem
SSLCertificateKeyFile /path/to/key.pem
...
Starting the apache service will ask for pass phrase used to generate the above certificate. To remove the pass phrase, perform one more step:
openssl rsa -in key.pem -out key.pem