Self-signed
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \
-out $SITE.crt -keyout $SITE.keyFrom a real registrar
Tip
Now that Let’s Encrypt exists, the below information is a lot less useful…
Generate a unique site key:
openssl genrsa -out $SITE.key 4096Generate a certificate signing request:
openssl req -new -config $SITE.cnf \
-key $SITE.key -out $SITE.csr