Updated: 23 March 2026
Create self-signed certs
Accept default answers to questions except Common Name, which should be your domain name.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/private/selfsig.key \
-out /etc/ssl/certs/selfsig.crtUse the files generated in an Apache virtual host
<VirtualHost *:443>
...
SSLCertificateFile /etc/ssl/certs/foo.crt
SSLCertificateKeyFile /etc/ssl/private/foo.key
</VirtualHost>See Digital Ocean, how to create self-signed certs
See Self-signed wildcard cert check project on GitHub