SuterDEV

Self-Signed Cert on Windows

,

It’s easy to create a self-signed cert on windows:

$domain = "my-domain.example.org"
$certificate = New-SelfSignedCertificate `
-Subject "CN=$domain" `
-CertStoreLocation "Cert:\LocalMachine\My" `
-KeyExportPolicy Exportable `
-KeySpec Signature `
-KeyLength 2048 `
-KeyAlgorithm RSA `
-HashAlgorithm SHA256 `
-Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" `
-NotAfter (Get-Date).AddYears(5) -Verbose

If you have something like the SQL Reporting Service, you’ll have to trust the certificate. So we can extend the command like this:

$domain = "my-domain.example.org"
$certificate = New-SelfSignedCertificate `
-Subject "CN=$domain" `
-CertStoreLocation "Cert:\LocalMachine\My" `
-KeyExportPolicy Exportable `
-KeySpec Signature `
-KeyLength 2048 `
-KeyAlgorithm RSA `
-HashAlgorithm SHA256 `
-Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" `
-NotAfter (Get-Date).AddYears(5) -Verbose

$pwd=ConvertTo-SecureString "password1234" -asplainText -force
Export-PFXCertificate -cert $certificate -file "C:\temp\self.pfx" -Password $pwd
Import-PfxCertificate -FilePath "C:\temp\self.pfx" cert:\LocalMachine\root -Password $pwd

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.