This document covers a very specific, limited purpose, but one that meets a common need: preventing browser, mail, and other clients from complaining about the certificates installed on your server. Not covered is dealing with a commercial root certificate authority (CA). Instead, we will become our own root CA, and sign our own certificates.
(These procedures were developed using OpenSSL 0.9.6.)
Guide to creating, signing and distributing keys for openssl, for use with any ssl application.