openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cert_dev.key -out cert_dev.crt

And fill fields. Common Name (CN) should be the domain you want to use.

This will create cert_dev.crt and cert_dev.key

  • req means we want to use X.509 certificate signing request (CSR)
  • -x509 means further modify of the previous subcommand by telling the utility that we want to make a self-signed certificate instead of generating a certificate signing request, as would normally happen.

Use in Nginx config:

listen 443 ssl; 
server_name your_domain.com; 
ssl_certificate path_to/cert_dev.crt; 
ssl_certificate_key path_to/cert_dev.key;

another way to generate

mkdir -p folder
openssl genrsa -out folder/site.key 2048
openssl req -new -key folder/site.key -out folder/site.csr
openssl x509 -req -days 1000 -in folder/site.csr -signkey folder/site.key -out folder/site.crt
#ssl #nginx