openssl genrsa -out private.key 4096 && openssl req -new -key private.key -out signreq.csr -subj "/CN=FQDN" && openssl x509 -req -days 365 -in signreq.csr -signkey private.key -out cert.crt
But ideally everyone could just use something like mkcert to take care of this
openssl genrsa -out private.key 4096 && openssl req -new -key private.key -out signreq.csr -subj "/CN=FQDN" && openssl x509 -req -days 365 -in signreq.csr -signkey private.key -out cert.crt
But ideally everyone could just use something like mkcert to take care of this