Still working on this. If you look at the examples and can help, please jump right in.
#generate you server key
openssl genrsa -out server.key 2048
#generate the server public key or client cert
openssl req -new -x509 -key server.key -out server.pub -days 365 -config openssl.cnf
#generate the CA key
openssl genrsa -out rootCA.key 2048
#self sign the CA key
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem
#generate you server key
openssl genrsa -out server.key 2048
#create your certificate signing request
openssl req -new -key server.key -out server.csr
#generate the server public key or client cert
openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out client.crt -days 500 -sha256
*need to add info on openssl.cnf edits
This should ONLY be done on your local machine. Both the public and private certs are available here on git hub, so its not a good idea to use them over the network.