I have a C/C++ application and I need to create a X509 pem certificate containing both a public and private key. The certificate can be self signed, or unsigned, doesn't matter.
I want to do this inside an app, not from command line.
What OpenSSL functions will do this for me? Any sample code is a bonus!
You'll need to familiarize yourself with the terminology and mechanisms first.
An X.509 certificate, by definition, does not include a private key. Instead, it is a CA-signed version of the public key (along with any attributes the CA puts into the signature). The PEM format really only supports separate storage of the key and the certificate - although you can then concatenate the two.
In any case, you'll need to invoke 20+ different functions of the OpenSSL API to create a key and a self-signed certificate. An example is in the OpenSSL source itself, in demos/x509/mkcert.c
For a more detailed answer, please see Nathan Osman's explanation below.