Command: The following command generates a self-signed key and certificate interactively.

To generate a self-signed SSL certificate with OpenSSL, use the following command:

openssl req -x509 -newkey rsa:4096 -keyout Selfsigned_key.pem -out Selfsigned_cert.pem -sha256 -days 3650 -nodes

Explanation of the command:

• req: This option initiates a certificate signing request (CSR).
• -x509: This option outputs a self-signed certificate instead of a CSR.
• -newkey rsa:4096: This option generates a new RSA key of 4096 bits.
• -keyout Selfsigned_key.pem: This option specifies the filename to write the newly created private key to.
• -out Selfsigned_cert.pem: This option specifies the filename to write the newly created certificate to.
• -sha256: This option specifies the use of SHA-256 for signing the certificate.
• -days 3650: This option sets the certificate to be valid for 3650 days (10 years).
• -nodes: This option tells OpenSSL not to encrypt the private key.