[doc][yba] Update add certificates docs.

docs/content/preview/yugabyte-platform/security/enable-encryption-in-transit/add-certificate-self.md

@@ -25,7 +25,7 @@ Instead of using YugabyteDB Anywhere-provided certificates, you can use your own
 
 The certificates must meet the following criteria:
 
-- Be in the `.crt` format and the private key must be in the `.pem` format, with both of these artifacts available for upload.
+- Be in the `.pem` format and the private key must be in the `.pem` format, with both of these artifacts available for upload.
 
 YugabyteDB Anywhere produces the node (leaf) certificates from the uploaded certificates and copies the certificate chain, leaf certificate, and private key to the nodes in the cluster.
 
@@ -47,6 +47,14 @@ openssl pkcs12 -in cert-archive.pfx -out key.pem -nocerts -nodes
 
 If the key is protected by a passphrase in the PKCS12 archive, you are prompted for the passphrase.
 
+### Generate self-signed certificates
+
+You can generate a self-signed certificates using `openssl` command like below:
+
+```sh
+openssl req -newkey rsa:2048 -nodes -keyout yugabyte_private_key.pem -x509 -days 365 -out yugabyte_cert.pem
+```
+
 ## Add self-signed certificates
 
 To add self-signed certificates to YugabyteDB Anywhere:
@@ -61,7 +69,7 @@ To add self-signed certificates to YugabyteDB Anywhere:
 
 1. In the **Certificate Name** field, enter a meaningful name for your certificate.
 
-1. Click **Upload Root Certificate**, then browse to the root certificate file (`<file-name>.crt`) and upload it.
+1. Click **Upload Root Certificate**, then browse to the root certificate file (`<file-name>.pem`) and upload it.
 
 1. Click **Upload Key**, then browse to the root certificate file (`<file-name>.key`) and upload it.