How to Create Windows Self Signed Certificate for Server 2008 R2

Hello,

In this article I will explain how to create Windows Self Signed Certificate for Server 2008. These same steps can apply for any operating system which you’ve installed Visual Studio 2010 or the Windows SDK.

*Note: This tool is automatically installed with Visual Studio and with the Windows SDK. To run the tool, it is recommended to use the Visual Studio Command Prompt or the Windows SDK Command Prompt (CMD Shell). These utilities enable you to run the tool easily, without navigating to the installation folder. For more information, see Visual Studio and Windows SDK Command Prompts.

**Note: In order to run the makecert command used in this article, you must either have installed Microsoft Visual Studio 2010 or the Windows Software Development Kit. For full instructions on how to install the Windows SDK, please visit this article: http://www.nimbo.com/blog/how-to-install-the-windows-sdk-for-windows-and-net-framework-4/

***Note: Internet Information Services (IIS) is required to complete the steps in this article. For full instructions on how to install IIS, please visit this article: http://nimbo.com/blog/how-to-install-internet-information-services-iis-in-windows-server-2008/

Creating and Installing Windows Self-Signed Certificate

  • Click Start and browse to Visual Studio Tools
  • Right Click Visual Studio Command Prompt and click Run as administrator

The steps above are highlighted in the image below:

how-to-create-and-install-a-self-signed-certificate-nimbo-1

  • Enter the following command at the command prompt and click Enter: makecert -r -pe -n “CN=nimbosso.nimbocloud.com” -b 01/01/2010 -e 01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp “Microsoft RSA SChannel Cryptographic Provider” -sv 12
  • Verify that Succeeded is displyed below the entered information (Note: If this is not displayed, verify that you have no typos and also verify that you are logged in with sufficient permissions to complete this procedure)
    Note: I have provided the an example of the exact syntax I used to create a self-signed certificate for this article, however, you will need to change the Fully Qualified Domain Name (FQDN) and other settings to reflect the configuration you require.

The steps above are highlighted in the image below:

how-to-create-and-install-a-self-signed-certificate-nimbo-2

    • Open Internet Information Services (IIS) Manager by clicking Start, typing IIS, and clicking Enter
    • Click the Default Web Site
    • On the right hand side, click Bindings under Edit Site

Note: For this article, I am providing the steps to install the certificate to the default web site in IIS. However, you can select any site within IIS you desire, provided that a certificate isn’t already installed

The steps above are highlighted in the image below:

how-to-create-and-install-a-self-signed-certificate-nimbo-3

  • On the Site Bindings screen, click Add

The step above is highlighted in the image below:

how-to-create-and-install-a-self-signed-certificate-nimbo-4

  • On the Add Site Binding screen, select https for the type
  • Specify the port you would like to use for the secure traffic (Note: the default is 443 for HTTPS)
  • Select the certificate you wish to assign from the SSL certificate dropdown menu (Note: for this example, I have selected the name of the certificate which I chose in the earlier step)
  • Click Close to complete the process

The steps above are highlighted in the image below:

how-to-create-and-install-a-self-signed-certificate-nimbo-5