Generate a Self-Signed Certificate for Signing on Android
You can use OpenSSL to generate a self-signed
RSA certificate using this OpenSSL command:
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem
ECDSA certificates can be created using the
openssl ecparam command.
You can use a self-signed certificate for testing purposes, but you will need to make sure the certificate is trusted by all the devices the PDF is opened on (including PCs/Macs with Acrobat). A self-signed certificate will probably also generate warnings about its
keyUsage extension (the self-signed certificate must permit certificate signing — keyCertSign, see RFC 5280).