Apache self-signed certificates Generate the keys for the Certificate Authority (the key that will do the signing)
    openssl genrsa -des3 -out ca.key 4096
    openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
Generate the private key for your server
    openssl genrsa -des3 -out server.key 1024
Create a CSR (certificate signing request) to get signed by the CA
    openssl req -new -key server.key -out server.csr
Sign your csr with the key you made in the first step
    openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
Optionally remove the password from your key (if you do this protect your key!!!)
    openssl rsa -in server.key -out server.key.nopass
Add these lines to your Apache config
    SSLEngine on
    SSLCertificateFile    /www/ssl.crt/server.crt
    SSLCertificateKeyFile /www/ssl.key/server.key