To generate a self-signed SSL certificate with OpenSSL, use the following command:
openssl req -x509 -newkey rsa:4096 -keyout Selfsigned_key.pem -out Selfsigned_cert.pem -sha256 -days 3650 -nodes
Explanation of the command:
req: This option initiates a certificate signing request (CSR).
-x509: This option outputs a self-signed certificate instead of a CSR.
-newkey rsa:4096: This option generates a new RSA key of 4096 bits.
-keyout Selfsigned_key.pem: This option specifies the filename to write the newly created private key to.
-out Selfsigned_cert.pem: This option specifies the filename to write the newly created certificate to.
-sha256: This option specifies the use of SHA-256 for signing the certificate.
-days 3650: This option sets the certificate to be valid for 3650 days (10 years).
-nodes: This option tells OpenSSL not to encrypt the private key.
By running this command, you will generate a self-signed SSL certificate along with a private key that is not encrypted.