You can do that in one command:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
You will need to add -nodes if you don't want to protect your private key with any passphrase. else, it will prompt you telling "at least for 4 character" password.
You need to replace it with a number to affect an expiration date. It will then prompt it for things like "Country Name", but you can just hit Enter and receive the defaults.
Add -subj '/CN=localhost' #to suppress questions about the contents of the certificate.
Self-signed certificates are not validated with any 3rd party unless you import them to the browsers previously. If you want more security, you can use the certificate signed by a certificate authority (CA).
To know about Linux join the Linux training