Quick pointers on creating certs
For the various twisted (python) applications I've have written to support SSL, I have included the following (original source unknown) as a utility script in my applications:
#!/usr/bin/env python
from os import path, system
prikey = path.join('etc', 'ssl', 'privkey.pem')
pubkey = path.join('etc', 'ssl', 'pubkey.pem')
print 'generating openssl private key to file', prikey
system("openssl genrsa -out %s 2048" % prikey)
system("openssl rsa -in %s -pubout -out %s" % (prikey, pubkey))
cacert = path.join('etc', 'ssl', 'cacert.pem')
print 'generating openssl cacert to file', cacert
system("openssl req -new -x509 -key %s -out %s -days 1095" % (prikey,cacert))
Note that the relative path etc/ssl must exist prior to running this code.
For a quick, concise tutorial, this link may be of use: