Create a new 2048 bit RSA key
openssl genrsa -out myServer.key 2048
Create a self-signed cert, good for 10 years
openssl req -x509 -key myServer.key -out myServer.crt -days 3652
Create a Certificate Signing Request
openssl req -new -key myServer.key -out myServer.csr
Verify contents of a CSR
openssl req -in myServer.csr -noout -text
Create a PKCS 12 file from cert/key
openssl pkcs12 -export -out myFile.pfx -inkey myServer.key -in MyServer.crt
Check if a cert matches a key
openssl x509 -noout -modulus -in myServer.crt | openssl md5 ;\ openssl rsa -noout -modulus -in myServer.key | openssl md5