Create Self-Signed Certificate PowerShell
Hello,
You have different ways of creating a self-signed certificate, for testing purposes of course :
Create Self-Signed Certificate PowerShell
Both ways are great, but each of them has prerequisites :
- MakeCert : Visual Studio or Windows SDK.
- New-SelfSignedCertificate : AD CS PowerShell module.
MakeCert
You can find the documentation of the tool at this address:
https://msdn.microsoft.com/library/windows/desktop/aa386968.aspx
Based on this, you can use the tool like this:
makecert -r -pe -n "CN=XYZ Company" -b 01/01/2005 -e 01/01/2010 -sky exchange -ss my
New-SelfSignedCertificate
This cmdlet is part of the Active Directory Certificate Services PowerShell Module. You can get it by installing the Remote Server Administration Tools (RSAT) on your computer or server.
New-SelfSignedCertificate -Type Custom -Subject "E=patti.fuller@contoso.com,CN=Patti Fuller" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.4","2.5.29.17={text}email=patti.fuller@contoso.com&upn=pattifuller@contoso.com") -KeyUsage DataEncipherment -KeyAlgorithm RSA -KeyLength 2048 -SmimeCapabilities -CertStoreLocation "Cert:CurrentUserMy"