Want to create self-signed certificate for local production and work around in AWS account? Although you can use ACM certificate makes it much easier. :P

This post is in brief, since most of the stuff is self explainatory.

Although to understand why and where this thing is needed go through
-Whats HTTPS
-How handshake works
-Protocols

Remember self-signed certificate is created by you and will not be seeking any identity on the internet. You kinda need to involve third party.

Quick commands for generating self-signed certificate

  1. Create directory to maintain all self signed certificate
cd /etc/ssl
mkdir localcerts
  1. command for generating self-signed certificate, followed by certaing fill ups
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/localcerts/self-signed.key -out /etc/ssl/localcerts/self-signed.crt
fill the entry

# Fill it as per requirement 
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]: ??
Locality Name (eg, city) []: ??
Organization Name (eg, company) [Internet Widgits Pty Ltd]:?
Organizational Unit Name (eg, section) []: ???
Common Name (e.g. server FQDN or YOUR name) []: domain/IP
Email Address []:??
  1. Check what you got
pwd
 /etc/ssl/localcerts
ls
 self-signed.crt self.sogned.key
  1. Upload in AWS Certificate Manager, here is quick command for it.
sudo aws acm import-certificate --certificate file://self-signed.crt --private-key file://self-signed.key --region <here> --profile <here>
  1. Update the Listener port in ELB

There you go all set!

This I tried for fun but if working with AWS I would rather suggest use ACM certificate provided by AWS

Happy Learning !