...
Open Windows PowerShell ISE.
Create a PowerShell script with the following content:
Code Block | ||||
---|---|---|---|---|
| ||||
$cert = New-SelfSignedCertificate -DnsName www.mysite.com -CertStoreLocation "cert:\LocalMachine\My" -KeyLength 2048 -KeySpec "KeyExchange" -NotBefore 10/15/2019 -NotAfter 10/15/2021 $password = ConvertTo-SecureString -String "mySecurePassword" -Force -AsPlainText Export-PfxCertificate -Cert $cert -FilePath ".\aspire.mysite.com.pfx" -Password $password Export-Certificate -Type CERT -Cert $cert -FilePath .\aspire.mysite.com.cer |
Create a private key
Code Block | ||
---|---|---|
| ||
openssl genrsa -out key.pem 2048 |
Create certificate signing request
Code Block |
---|
openssl req -new -sha256 -key key.pem -out csr.csr |
Create certificate
Code Block |
---|
openssl req -x509 -sha256 -days 365 -key key.pem -in csr.csr -out certificate.pem |
Create DER encoded CER file
Code Block |
---|
openssl x509 -inform PEM -in certificate.pem -outform DER -out certificate.cer |
At the end you will see the following files created:
...
Info |
---|
You may need to download OpenSSL for Windows to follow these steps. |
Extract pem key (only needed if generated with Powershell)
Code Block | ||||
---|---|---|---|---|
| ||||
openssl pkcs12 -nocerts -in <PFX Path> -out <PEM Path> |
Convert extracted pem key to der format
Code Block | ||||
---|---|---|---|---|
| ||||
openssl pkcs8 -topk8 -inform PEM -outform DER -in <PEM Path> -out <DER Path> -nocrypt |
...