englandbaron · June 25, 2019 11:52
diff --git a/gistfile1.txt b/gistfile1.txt
 I can't comment, so I will put this as a separate answer. I found a few issues with the accepted one-liner answer:

 The one-liner includes a passphrase in the key.
 The one-liner uses SHA-1 which in many browsers throws warnings in console.
 Here is a simplified version that removes the passphrase, ups the security to suppress warnings and includes a suggestion in comments to pass in -subj to remove the full question list:
 ```
 openssl genrsa -out server.key 2048
 openssl rsa -in server.key -out server.key
 openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=localhost'
 openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
 ```
 Replace 'localhost' with whatever domain you require. You will need to run the first two commands one by one as OpenSSL will prompt for a passphrase.

 To combine the two into a .pem file:
 ```
 cat server.crt server.key > cert.pem
 ```
	I can't comment, so I will put this as a separate answer. I found a few issues with the accepted one-liner answer:

	The one-liner includes a passphrase in the key.
	The one-liner uses SHA-1 which in many browsers throws warnings in console.
	Here is a simplified version that removes the passphrase, ups the security to suppress warnings and includes a suggestion in comments to pass in -subj to remove the full question list:
	```
	openssl genrsa -out server.key 2048
	openssl rsa -in server.key -out server.key
	openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=localhost'
	openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
	```
	Replace 'localhost' with whatever domain you require. You will need to run the first two commands one by one as OpenSSL will prompt for a passphrase.

	To combine the two into a .pem file:
	```
	cat server.crt server.key > cert.pem
	```