Dummy's Guide to SSL server?

It seems that I can change a regular server to handle https by changing

    http_server([port(Opts.port),
                 workers(5)]).

to

    http_server([port(Opts.port),
                 ssl([certificate_file('cacert.pem'),
                 key_file('privkey.pem')]),
                 workers(5)]).

but I couldn’t find information on how to create those two files.

So, I tried this:

openssl genrsa -out privkey.pem
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

but https://localhost:9999 failed (plain http works fine).

Is there a cookbook for how to create the certificates?

Here’s what I saw on the server:

% Started server at https://localhost:9999/
1 ?- 
% [Thread httpd@9999_2] First line: \0\0üL•ëhl¯ª£¶!C^úô?>>Sµ¼4g¾1Í 0–ÔçZ¢OkA‰€`nÛàÅè)ëù­BUà<\0"ÊÊÀ+À/À,À0̨̩ÀÀ\0œ\0\0/\05\0

(That should have been https://localhost:9999 of course – I’ve edited the original)