Self Signed Certificates

I have had problems creating a self-signed certificate with OpenSSL that has a "Subject Alternate Name". I found the easy option was to make my own copy of the openssl.cnf file and edit it, the original being elsewhere on the server and from the standard install. I added the line "" into the "[ v3_ca ]" section and it worked, although it does seem like on odd section to use, however as it worked I just moved on. I did also change "basicConstraints" to "CA:false" as this is not a Certificate Authority certificate. Having edited the file I used the following to generate the certificate:
openssl req -x509 -nodes -days 3650 -subj '/C=UK/L=London/OU=Project/O=GeoffDoesStuff/' -config ~/openssl.cnf -newkey rsa:1024 -keyout new_self_signed.pem -out new_self_signed.pem
Then you can use openssl s_server -cert new_self_signed.pem -www -accept 2112 to test it, when you use a web browser against that port and you can then see the certificate details.
If you search on the internet for creating a self-signed certificate with a Subject Alternative Name you will find some interesting solutions, some better and more flexible than the above.