We will use openssl to create the keys and the certificates, so make sure you have it installed on your development machine. From the command line, execute the following command (on an OS X or Linux machine):

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes -days 3650

This creates a 2048 bit RSA private key (in the key.pem file). The private key is used to sign the certificate (the cert.pem file). While generating the signed certificate, ensure you enter the correct information for Common Name (for example, server FQDN or YOUR name). Here, we have used the ELB public DNS name:

Generating a 2048 bit RSA private key
..........+++
............................................................................................................+++
writing new private key to 'key.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:CA
Locality Name (eg, city) []:Irvine
Organization Name (eg, company) [Internet Widgits Pty Ltd]:A1Electronics
Organizational Unit Name (eg, section) []:Software Engineering
Common Name (e.g. server FQDN or YOUR name) []:a1electronicsecommerce-elb-965226090.us-west-2.elb.amazonaws.com
Email Address []:[email protected]