Create private key and certificate request:

 openssl genrsa -out private_key.pem 1024
 openssl req -new -key private_key.pem -out certificate_request.pem
 openssl rsa -in private_key.pem -out private_key_nopass.pem
 openssl x509 -req -in certificate_request.pem -out certificate.pem -signkey private_key_nopass.pem -days 1825

or

 openssl req -x509 -newkey rsa:1024 -keyout private_key.pem -out certificate.pem
 openssl rsa -in private_key.pem -out private_key_nopass.pem
 openssl x509 -req -in certificate_request.pem -out certificate.pem -signkey private_key_nopass.pem -days 1825

Protect the files:

 chmod 600 /etc/apache2/ssl/*

in /etc/apache2/sites-available/*

 SSLEngine On
 SSLCertificateFile    /etc/apache2/ssl/certificate.pem
 SSLCertificateKeyFile /etc/apache2/ssl/private_key_nopass.pem