SSL certificates in a jiffy

Quick guide to generating self-signed certificates for use with Apache et al.
Replace <servername> with the fully qualified name of the server you're generating the key for.

openssl req -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -keyout <servername>-key.pem -out <servername>-cert.pem

This outputs the certificate and the key into individual files. These can be concatenated if necessary.
This also uses the SHA-2 algorithm as the signing algorithm, rather than the older SHA-1 which is deprecated at the time of writing.