Using IIS to create a self-signed Certificate

If you don't have a full server certificate yet, but you'd like to test with SSL operations locally you can also use the IIS Admin interface to very easily create a self-signed certificate Here's how to do it:

  • Go to the machine root of the IIS Service Manager

  • Go to the Server Certificates Item in the IIS section

  • On the left click Create Self-Signed Certificate

  • Give it a name, and select the Personal store

  • Click OK

  • Job Done!

Copy the self-signed Certificate to the Trusted Root Certification Store

Once you have a self-signed certificate, you need one more step to make the certificate trusted so that HTTP clients will accept it on your machine without certificate errors. The process involves copying the certificate from the personal store to the trusted machine store. To do this:

  1. From the Run Command - open Manage Computer Certificates (certlm.msc)

  2. Go into Personal | Certificates and find your certificate

  3. Drag and Copy (Ctrl-Drag) the certificate to Trusted Root Certification Authorities | Certificates

Although you now have a server certificate – you must now install an appropriate certificate on your clients so that they can trust the server certificate.

Last updated