1

Open terminal, or another CLI (command-line interface) tool.

2

Create a password-protected, 2048-bit RSA private key named domain.key:

openssl genrsa -out domain.key 2048

3

Create a CSR domain.csr from your private key. When prompted, fill in the necessary fields:

openssl req -key domain.key -new -out domain.csr

4

Create a self-signed certificate named domain.crt with your private key and CSR:

openssl x509 -signkey domain.key -in domain.csr -req -days 365 -out domain.crt

5

Copy the certificate string from domain.crt. This is your Certificate.

6

Copy the private key string from domain.key. This is your Private Key.

7

Go to Manage > Certificates & Secrets > Certificates and click Upload certificate.

8

Select a certificate (public key) with one of the following file types: .cer, .pem, or .crt

9

Provide a description for the certificate.

10

Click Add.