You usually want to protect some internal or even external systems that are not top secret but you don't want man in the middle to see the data or communication you are transferring between two computers and don't want to invest on paid SSL certificate. That is where a self signed certificate comes to play its role and you can manage it all by yourself. I use it for various personal and work related systems and while I am no longer day to day hands on engineer I have to figure it out every time I had to renew the certificate. So recently I have renewed one of my internal certificate for 10 years to not bother me until this solution will perhaps be replaced using a one line command. Just thought that in case if one of my other system starts complaining or if you have the requirement and simply follow below line, copy paste and you get your SSL renewed in seconds.
sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt