kis gyorstalpalo openssl-bol:
1.) csinalsz 1 root CA-t:
openssl req -newkey rsa:4096 -x509 -keyout privateCA.pem -out publicCA.crt -days 3650
1.5.) lehet ellenorizni:
openssl x509 -text -in publicCA.crt | less
2.) server kulcs generalasa
openssl genrsa -out server.key 4096
3.) certificate req
openssl req -new -days 3650 -key server.key -out newreq.pem
4.) alairod a root CA-val az elobbi kerest
openssl ca -out newcert.pem -in newreq.pem -keyfile privateCA.pem -days 3650 -cert publicCA.crt -outdir ./
5.) ha pkcs12-ben akarod tarolni (es innen pl firefox-ba pattintani)
openssl pkcs12 -export -in newcert.pem -inkey server.key -name "Beluka kulcsa" -out mycert.p12