I’ve found that the easiest way to generate self-signed certificates in Debian derivatives, like Ubuntu, is by installing and using
$ sudo apt-get install ssl-cert $ make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /path/to/cert-file.crt
This will invoke OpenSSL to generate a pair of RSA public and private keys. OpenSSL will ask for some information, like the Common Name for the certificate. When used to protect Web sites, the Common Name has to match the associated FQDN (fully-qualified domain name). For example, blog.felipe-alfaro.com.
More information can be found by reading the
README.Debian.gz file from Apache2 documentation set:
$ zless /usr/share/doc/apache2/README.Debian.gz
Or online, by reading Apache and SSL, The Easy Way.