PowerTip: Use PowerShell to Create Self-Signed Certificate

Summary: Use Windows PowerShell in Windows 8.1 to create a self-signed certificate.

Hey, Scripting Guy! Question How can I create a self-signed certificate in Windows 8.1 for testing purposes?

Hey, Scripting Guy! Answer Use the New-SelfSignedCertificate function from the PKI module,
          and specify DNSName and a certificate store location:

New-SelfSignedCertificate -DnsName www.nwtraders.com -CertStoreLocation Cert:\LocalMachine\My

Note  This function requires that you start the Windows PowerShell console with admin rights.

Comments (5)

  1. mredwilson says:

    @L. No, no, and no :-). There is some value in using a self-signed certificate for signing code. In this example, the point is that using the New-SelfSignedCertificate makes it really easy to obtain a self signed cert. Whether you use it to test using certificates prior to deploying a PKI or purchasing a certificate, or you simply use the self-signed cert to sign your own scripts, is up to you. We have lots of great guidance about certificates, in the security center on TechNet.

  2. L. says:

    What do you mean by “for testing purposes”? that you advise against using self-signed certificate in general, or that the certificates produced in this way are somehow crippled (weakened key, some EKU marking them as testing only…)?

  3. DB says:

    I want create a gui for certificate creation using powershell.Can anyone help on this?

  4. cbernal says:

    It is already created:

    Show-Command New-SelfSignedCertificate

Skip to main content