1 Create CA
openssl genrsa -out rootCA_key.key 2048.
-des3 algorithm to encrypt the key and will require you to enter a password in order for the key file to be created.
1.2 Create Root CA cert with constraint CA = true.
openssl req -x509 -new -nodes -key rootCA_key.key -sha256 -days 1024 -out rootCA_crt.pem \
-extensions v3_ca -reqexts v3_req -config /usr/local/etc/openssl/openssl.cnf