# Generate key and create a self-signed certificate: # $ openssl req \ # -x509 \ # -config ssl-ipv4.conf \ # -newkey rsa:2048 \ # -keyform PEM \ # -out ipv4.crt \ # -outform PEM \ # -days 3650 \ # -nodes # [ req ] default_bits = 2048 default_keyfile = ipv4.key default_md = sha256 prompt = no distinguished_name = distinguished_name req_extensions = v3_req x509_extensions = v3_ca [ v3_req ] subjectAltName = @alt_names [ v3_ca ] basicConstraints = CA:TRUE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always subjectAltName = @alt_names [alt_names] IP.0 = 127.0.0.1 DNS.0 = localhost [ distinguished_name ] commonName = 127.0.0.1 countryName = US stateOrProvinceName = North Carolina localityName = Raleigh organizationName = Red Hat Inc. organizationalUnitName = OpenStack