This post shows how to generate a self-signed certificate with OpenSSL.
First, generate a private key.
openssl genrsa -out server.key 2048
Change the length of the key if you like.
Then generate a certificate signing request file.
openssl req -new -key server.key -out server.csr
Follow the instructions and fill in all required information.
At last, use your private key to sign the csr file.
openssl x509 -req -in server.csr -out server.crt -signkey server.key -days 36600
Change the valid period if you like.
Now you have a self-signed certificate. The public key file is server.crt, and the private key file is server.key.