How to Create Self-signed Certificate on Windows

Windows Articles

How to install Brackets in Windows 10 plus extensions

Hello! Brackets is an open-source code editor designed by Adobe for web developers. Additionally, it has a very simple and modern interface...

How to install Docker on OpenSUSE 15.2 / 15.1?

Docker is a fairly popular technology in today’s sysadmin. It is logical to think because it means a complete change in the...

How to analyze the network with IP Tools for Android

Hi! If you want to analyze and adjust the network almost professionally, then this post is for you. Indeed, IP Tools is...

How to install GNU Fortran on Ubuntu 20.04 / 18.04?

Not everything old is bad. This is how it is. Well, while it is true that there are many programming languages today, there are...

How to install Unity Desktop on Ubuntu 20.04?

Unity Desktop was for a long time the default desktop environment in Ubuntu. Thanks to this, Ubuntu gained a great personality and...
Avatar
Mel Khamlichi
Webmaster and technical Director at Osradar.com Linux/Unix Guru Technology and hardware addicted Location : Amsterdam Netherlands

Certificates are an essential part of ensuring security in sites. For adding a certificate, you need to buy a certificate or deploy your own Public Key Infrastructure. For running a successful production environment, it’s a must. However, when developing, obtaining a certificate in this manner is a hardship. Instead, you can create your own self-signed certificate on Windows.

In Windows, there are 2 different approaches to create a self-signed certificate.

Method 1

Here, I’m describing how to create one using PowerShell. For your knowledge, PowerShell is a task automation and configuration management framework developed and distributed by Microsoft as a part of Windows operating system. It works using a command-line shell and associated script language.

Prerequisite

Before jumping to the certificate generation, you need to make sure that your PowerShell is v5. To check your PowerShell version, follow these steps.

  • From the Start menu, type “powershell” >> hit Enter.
  • Type the following command and press Enter:
$PSVersionTable.PSVersion

Here, my PowerShell “Major” is 5, meaning v5. If your PowerShell is lower than that, you need to update your Windows Management Framework. It’s available for Windows 7 and Windows 8.1. Download Windows Management Framework.

Creating the certificate

Now, we have to create the certificate.

  • Run the following command:
$cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname testcert.osradar.com

The “New-SelfSignedCertificate” cmdlet will create the certificate. Note that you need to change the “testcert.osradar.com” with the FQDN (Fully Qualified Domain Name) you would like to use.

  • Create a password for the certificate using the following line:
$pwd = ConvertTo-SecureString -String ‘passw0rd!’ -Force -AsPlainText

Change ‘passw0rd’ with your preferred password.

Export the certificate

It’s time to export the self-signed certificate.

  • Run this command:
$path = 'cert:\localMachine\my\' + $cert.thumbprint Export-PfxCertificate -cert $path -FilePath c:\temp\cert.pfx -Password $pwd

Make sure that you enter a valid path in place of “c:\temp\cert.pfx”. Enter the password in place of “$pwd”.

Now, your certificate is available in the folder. It can be imported and deployed into any Windows system.

Method 2

If the previous process seems a bit creepy, you can follow this one. It’s a bit lengthy but simple.

Creating the certificate

  • Go to Start menu >> type “Run” >> hit Enter.

  • Type “mmc.exe” >> click OK.
  • In the console, go to File >> Add/Remove Snap-in…

  • From the left panel, select Certificates >> click Add.

  • From the new dialogue box, select Computer account >> click Next.

  • Select Local computer >> click Finish.

  • You’ll be back on the “Add/Remove Snap-ins” box. Click OK.

Your certificate is created.

Installing the certificate to the trusted root

It’s a best practice to set the certificate in the trusted root as well.

  • From the “mmc.exe”, navigate to Certificates >> Personal >> Certificates from the left panel.
  • Right-click on your certificate >> select Copy.

  • Navigate to Trusted Root Certificate Authorities >> Certificates.
  • Right-click and select Paste.

Exporting the certificate

For exporting the certificate, follow these procedures.

  • From “mmc.exe”, navigate to Certificate >> Trusted Root Certificate Authorities >> Certificates.
  • Right-click on your certificate >> go to All Tasks >> Export.

  • Select “Yes, export the private key”.

  • Leave options as they are and click Next.

  • Enter a password for the certificate >> click Next.

  • Choose the folder where you want to save the certificate >> click Next.
  • Click Finish.

Now, your certificate is ready for deployment. For using the certificate, installing it into browsers etc. tricks, follow this in-depth guide.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to install Brackets in Windows 10 plus extensions

Hello! Brackets is an open-source code editor designed by Adobe for web developers. Additionally, it has a very simple and modern interface...

How to install Docker on OpenSUSE 15.2 / 15.1?

Docker is a fairly popular technology in today’s sysadmin. It is logical to think because it means a complete change in the...

How to analyze the network with IP Tools for Android

Hi! If you want to analyze and adjust the network almost professionally, then this post is for you. Indeed, IP Tools is...

How to install GNU Fortran on Ubuntu 20.04 / 18.04?

Not everything old is bad. This is how it is. Well, while it is true that there are many programming languages today, there are...

How to install Unity Desktop on Ubuntu 20.04?

Unity Desktop was for a long time the default desktop environment in Ubuntu. Thanks to this, Ubuntu gained a great personality and...