Create a self-signed certificate in one line
$ openssl req -nodes -x509 -newkey rsa:4096 -sha512 -days 365 -keyout cert.key -out cert.pem
Let’s analyze this command:
req
: request a new PKCS#10 certificate;-nodes
: do not encrypt the private key (no password);-x509
: output a self-signed certificate instead of a certificate request;-newkey rsa:4096
: create a new certificate request and a new 4096 bits RSA key;-sha512
: sign the request with a SHA-512 message digest;-days 365
: the certificate will be valid for 365 days;-keyout cert.key
: private key filename;-out cert.pem
: output filename.