init_tls.cnf

# 1.1 Generate RSA {cert, key} pair:
#  openssl req -x509 -days 365 -nodes -newkey rsa:2048 -keyout tls_rsa_tmp.key -out tls_rsa.crt -config init_tls.cnf
# 1.2 Convert RSA key to pkcs8 format:
#  openssl pkcs8 -topk8 -nocrypt -in tls_rsa_tmp.key -out tls_rsa.key
# 1.3 View RSA cert:
#  openssl x509 -text -noout -in tls_rsa.crt
#
# OR
#
# 2.1 Generate EC (cert, key) pair: 
#  openssl req -x509 -days 365 -nodes -newkey ec:<(openssl ecparam -name prime256v1) -keyout tls_ec_tmp.key -out tls_ec.crt -config init_tls.cnf
# 2.2 Convert RSA key to pkcs8 format:
#  openssl pkcs8 -topk8 -nocrypt -in tls_ec_tmp.key -out tls_ec.key
# 2.3 View EC cert:
#  openssl x509 -text -noout -in tls_ec.crt

prompt = no

[req]
distinguished_name = test_distinguished_name
x509_extensions = test_x509_extensions

[test_distinguished_name]
commonName = localhost

[test_x509_extensions]
subjectAltName=@test_sans

[test_sans]
IP.1 = 10.0.2.2
IP.2 = 127.0.0.1