How to quickly create a self signed SSL certificate using openSSL

To create a self-signed certificate on Ubuntu use this one-line command:

sudo openssl req -x509 -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/private.key -out /etc/ssl/certs/certificate.crt

You will be asked to choose a challenge password, and answer a few questions. The tool give you examples of the requested informations.

It will work on most Linux/Unix distributions. If you use an other distribution you may want to adapt the path.

Here is a description of the above command :

openssl
The program/tool that manages certificates and keys.

req -x509
Tells the utility that we want to use X.509 standard to make the self-signed certificate.

-days
Number of days the certificate will be considered as valid

-newkey rsa:2048
Tells the utility to simultanously generate a new RSA certificate and key that is 2048 bits long.

-keyout /etc/ssl/private/private.key
Tells openSSL where to place the private key.

-out /etc/ssl/certs/certificate.crt
Tells OpenSSL where to place the public certificate.