Powershell command to generate a self-signed SSL certificate

Back to List

 Generating the certificate

To generate a self-signed SSL certificate using Powershell run the following command.

New-SelfSignedCertificate -DnsName localhost -CertStoreLocation cert:\LocalMachine\My

You can also replace "localhost" with the hostname if you like.

New-SelfSignedCertificate -DnsName devbox -CertStoreLocation cert:\LocalMachine\My

To include multiple domains or subdomains, separate them with commas.

New-SelfSignedCertificate -DnsName "devbox.local", "www.devbox.local" -CertStoreLocation cert:\LocalMachine\My

Trusting the certificate

  1. Open MMC by going to Start > Run and typing "mmc.exe"
  2. Open the "File" menu and select "Add/Remove Snap-in"
    MMC Add/Remove Snap-In
  3. From the "Available Snap-Ins list, choose "Certificates", then click the "Add" button.
    MMC Add Certificates Snap-In
  4. Click finish on the following dialog.
    MMC Snap-In Account
  5. Navigate to Console Root > Certificates - Current User > Personal > Certificates.
    MMC Certificate Store Tree
  6. Right-click your certificate and choose All Tasks > Export.
    MMC Certificate Export Menu
  7. The Certificate Export Wizard will appear, click "Next".
    MMC Certificate Export Wizard
  8. Choose "Yes, export the private key", then click "Next".
    MMC Export Private Key
  9. Choose "Personal Information Exchange - PKCS #12 (.PFX)", and select the options show below.
    MMC Export PFX
  10. Specify a password, change the encryption type to SHA256, and then click "Next".
    MMC PFX Export Password
  11. Specify a file path to export the .pfx file to, then click "Next".
    MMC PFX Export Filename
  12. Review your export options and then click "Finish".
    MMC Certificate Export Finish
  13. You should see a message that "The export was successful". Click "OK".
    MMC Export Successful
  14. Navigate to Console Root > Certificates - Current User > Trusted Root Certification Authorities > Certificates.
    Trusted Root CA Tree
  15. Right-click on the "Certificates" node, then choose All Tasks > Import...
    MMC Certificate Import Menu
  16. The Certificate Import Wizard will appear. Click "Next".
    MMC Certificate Import Wizard
  17. Browse to and select your exported .pfx file, then click "Next".
    MMC Certificate Import Browse file
  18. Enter the password the private key was protected with, then click "Next".
    MMC Certificate Import Password
  19. Make sure the "Trusted Root Certification Authorities" store is the specified target and then click "Next".
    MMC Certificate Import Target Store
  20. Verify your import settings and then click "Finish".
    MMC Certificate Import Finish
  21. You should get a message stating "The import was successful."
    MMC Certificate Import Successful

And you are done.  You might need to close and reopen your web browser before it will stop complaining about the certificate. 

Gravatar About Sean Nelson
I like codes and stuff.