/ Powershell

Create a self signed certificate the Powershell-way (New-SelfSignedCertificate)

Today I had to generate a new self-signed certificate for my AD FS farm. And what way is better than the Powershell 4.0+ way? (correct answer: none). For this cert I wanted a cert with a validity of 10 years and I wanted to export it as well.

$Cert = New-SelfSignedCertificate -CertStoreLocation Cert:\localmachine\My `
                                  -DnsName a.random.name `
                                  -Subject a.random.name `
                                  -FriendlyName "A Random Name" `
                                  -NotAfter (Get-Date).AddYears(10) `
                                  -KeyExportPolicy Exportable
Export-PfxCertificate -Cert $Cert -FilePath C:\Cert\arandomname.pfx -ProtectTo a.random\user #replace with domain\user ;)

Note: it's also possible to set the password yourself by doing it like this:

$Cert = New-SelfSignedCertificate -CertStoreLocation Cert:\localmachine\My `
                                  -DnsName a.random.name `
                                  -Subject a.random.name `
                                  -FriendlyName "A Random Name" `
                                  -NotAfter (Get-Date).AddYears(10) `
                                  -KeyExportPolicy Exportable
$Psw = Read-Host -AsSecureString
#or
$Psw = ConvertTo-SecureString -String "a.random.passw0rd!" -Force -AsPlainText
Export-PfxCertificate -Cert $Cert -FilePath C:\Cert\arandomname.pfx -Password $Psw

Enjoy!

Andreas Selevik

Andreas Selevik

Solution Architect specialized in Windows & Azure Architecture, Office 365, PowerShell, Identity management and automation. Manchester United fanatic, father, husband and a very good winner...

Read More