Sunday, December 11, 2011

How to create self signed certificate using makecert

In this post,I will show you how to create self signed certificate for wcf application.For this,I will used the utility makecert.MakeCert.exe allows you to (for test/dev purposes) generate both a trusted root certificate and a certificate signed by that trusted root certificate for encryption purposes (also for signature purposes.


Open visual studio command prompt (Admin mode) and type following command 
    C:\cert>makecert -pe -n "CN=RootCA" -ss My -sr LocalMachine -a sha1 -sky signatu re -r "RootCA.cer"
  • -pe Marks the generated private key as exportable. This allows the private key to be included in the certificate.
  • -Specifies the subject's certificate name. This name must conform to the X.500 standard. The simplest method is to specify the name in double quotes, preceded by CN=; for example, "CN=myName".
  • -ss Specifies the subject's certificate store name that stores the output certificate.
  • sr >localmachine
  • -a Specifies the signature algorithm. Must be either 
  • -sky Specifies the subject's key type, which must be signatureexchange, or an integer that represents a provider type. By default, you can pass 1for an exchange key and 2 for a signature key.
  • -r Creates a self-signed certificate.


Above command will create a certificate named RootCA.cer in the cert directory ,and also placed this certificate into Person folder
After executing the above command do the following steps


  • Start/Run/MMC

  • File/Add-Remove Snap-In

  • Click Add


  • Select Certificates and click Add

  • Select Computer Account and hit Next

  • Select Local Computer

  • Click Close

  • Click OK
Go back to the certificates snap-in, right-click the "RootCA" certificate and copy it to the "Trusted Root Certification Authorities" node. Once done, if you expand this node, and then select certificates your newly created root cert should be present.

Now,It's time to create the server certificate.Type the following command and press enter
    C:\cert>makecert -pe -n "CN=santosh-pc" -ss My -sr LocalMachine -sky exchange -a

 sha1 -in "RootCA" -is My -ir LocalMachine -sy 12 santosh-pc.cer



7 comments:

  1. does asp.net developer use coding for making any iphone applications ?
    or is that used for another purpos ?
    thanks

    ReplyDelete
  2. Application development service provider

    ReplyDelete
  3. Application development service provider

    ReplyDelete
  4. @Application_development:It's only applicable for demo app not for production use

    ReplyDelete
  5. Completely helpful for any app developer,thanks for sharing dazzling technique.

    ReplyDelete