I used the guides at Verisign and a forum post at Tech Arena.
It’s actually quite easy, you just need to know what commands to type. First you need to set up a virtual host in Apache and put in your content etc. The commands listed below do require some input so just fill in the details correctly.
Generate the private key:
openssl genrsa -des3 -out www.sitename.com.key 1024
Generate the certificate signing request from the private key:
openssl req -new -key www.sitename.com.key -out www.sitename.com.csr
Now send this certificate signing request to your certificate authority with your details (to Verisign/GoDaddy etc). They will send you back a .crt file, which is the certificate you need to install.
If you want to start Apache automatically, without having to enter the passphrase for the private key each time, you will need to do a couple more commands to create an unencrypted key. You can do this earlier but it’s good to have both versions of the key:
mv www.sitename.com.key www.sitename.com.key.has-passphrase
openssl rsa -in www.sitename.com.key.has-passphrase -out www.sitename.com.key
Now put the .crt and .key in a folder and point to them in the apache .conf file of the virtual host e.g.
… some config like DocumentRoot , etc..