Back to top

Generate a self sign cert with PowerShell

Have ever been stumbled upon needing a certificate very fast and looking for tools for hours? Well I found a series of PowerShell commands which makes your life super easy.

I am sure there are many people who’ve tried OpenSSL, MakeCert.exe, IIS or may other tools and spend hours searching to generate a self-sign certificate for testing or other purposes.

Well with PowerShell it can be this easy. The commands you need are New-SelfSignedCertificate and Export-PfxCertificate. The way you use them is as follows.

New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname yourdomainname

You can put whatever you like as your domain name, which will be put in the subject.

Running this command will generate a certificate and prints out the thumbprint for you which you will need if you want to export your certificate.

You will need a password to export your certificate which you can define it as a variable:

$pwd = ConvertTo-SecureString -String "P@$sw0rd" -Force -AsPlainText

And finally you can export your certificate by using export command:

Export-PfxCertificate -cert cert:\localMachine\my\{thumbprint} `
 -FilePath d:\temp\cert.pfx -Password $pwd

You will need to replace the {thumbprint} with the thumbprint you got from the execution of the first command.

And Voila, you’ve got a PFX file containing your private key which you can use.

Support my work 👇🏽