Powershell command to generate a self-signed SSL certificate
Generating the certificate
To generate a self-signed SSL certificate using Powershell run the following command.
New-SelfSignedCertificate -DnsName localhost -CertStoreLocation cert:\LocalMachine\My
You can also replace "localhost" with the hostname if you like.
New-SelfSignedCertificate -DnsName devbox -CertStoreLocation cert:\LocalMachine\My
To include multiple domains or subdomains, separate them with commas.
New-SelfSignedCertificate -DnsName "devbox.local", "www.devbox.local" -CertStoreLocation cert:\LocalMachine\My
Trusting the certificate
- Open MMC by going to Start > Run and typing "mmc.exe"
- Open the "File" menu and select "Add/Remove Snap-in"
- From the "Available Snap-Ins list, choose "Certificates", then click the "Add" button.
- Click finish on the following dialog.
- Navigate to Console Root > Certificates - Current User > Personal > Certificates.
- Right-click your certificate and choose All Tasks > Export.
- The Certificate Export Wizard will appear, click "Next".
- Choose "Yes, export the private key", then click "Next".
- Choose "Personal Information Exchange - PKCS #12 (.PFX)", and select the options show below.
- Specify a password, change the encryption type to SHA256, and then click "Next".
- Specify a file path to export the .pfx file to, then click "Next".
- Review your export options and then click "Finish".
- You should see a message that "The export was successful". Click "OK".
- Navigate to Console Root > Certificates - Current User > Trusted Root Certification Authorities > Certificates.
- Right-click on the "Certificates" node, then choose All Tasks > Import...
- The Certificate Import Wizard will appear. Click "Next".
- Browse to and select your exported .pfx file, then click "Next".
- Enter the password the private key was protected with, then click "Next".
- Make sure the "Trusted Root Certification Authorities" store is the specified target and then click "Next".
- Verify your import settings and then click "Finish".
- You should get a message stating "The import was successful."
And you are done. You might need to close and reopen your web browser before it will stop complaining about the certificate.
About Sean Nelson
I like codes and stuff.