We can use self signed SSL certificate for now, so no need to purchase one from a CA vendor
Can anyone please point out on Omega2, how can we:

• generate self signed SSL certificate
• apply the certificate to the web server (uhttpd)
• enable https in uhttpd?

Much appreciated.

You should be able to install openssl on the Omega2+ (from LEDE repos or directly Omega repos), which gives you the means to generate what every certificate you like. You haven't mentioned what kind of certificate you need, with what cryptographic parameters (RSA/ECC, curves, modulo length, hash algorithm, ciphersuites and key exchanges to be supported,...). Actually you don't even have to install and use openssl on the Omega2+, you can generate the keys and certificates off-site.

For web server (and uhttpd-mod-tls) documentation see

• https://wiki.openwrt.org/doc/uci/uhttpd
• https://wiki.openwrt.org/doc/howto/certificates.overview

Introduction to OpenSSL certificate creation: https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

1. From your command line issue the following commands:

opkg update
opkg install px5g-standalone libustream-openssl

1. Restart the uhttpd service:

/etc/init.d/uhttpd restart

1. When you restart uhttpd service, it generates RSA private key and selfsigned certificate, here is the output that I've got after restarting uhttpd:

# /etc/init.d/uhttpd restart
4+0 records in
4+0 records out
Generating RSA private key, 2048 bit long modulus
Generating selfsigned certificate with subject 'C=ZZ,ST=Somewhere,L=Unknown,O=LEDEd1d8b179,CN=LEDE,' and validity 20180417162546-20200416162546

1. Now you can navigate to your browser and type: https://192.168.3.1 or https://omega-XXXX.local ( where XXXX are the last digits of your MAC address). Here is my screenshot:
   

Enjoy and Happy Hacking