First generate the key, at least with 2048 encryption bits:
~ $ openssl genrsa -out server.com.key 2048
Second generate the csr using the above key:
~ $ openssl req -new -key server.com.key -out server.com.csr
Answer to the questions:
Country Name (2 letter code) [AU]:GL
State or Province Name (full name) [Some-State]:Your state
Locality Name (eg, city) []:Your city
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your company
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:server.com
Email Address []:[email protected]
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Finally signed the csr with the key:
~ $ openssl x509 -req -days 365 -in server.com.csr -signkey server.com.key -out server.com.crt
Also you can do all steps in a single one:
~ $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.com.key -out server.com.crt