Here is a quick way to create a self-signed SSL certificate with openssl and output the key/cert into PKCS#12 format. I've found that I've had to do this several times at work to get a certificate ready for a Windows machine. I got tired of looking up the procedure each time, so here goes...

# create the private key
openssl genrsa -out server.key 2048

# create a new csr
openssl req -new -key server.key -out server.csr

# sign the csr into a PEM cert file
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

# convert the PEM cert and key into a PKCS#12 file
openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt