
New-SelfSignedCertificate: Creating Certificates With PowerShell

The “New-SelfSignedCertificate” cmdlet creates a new self-signed certificate for testing purposes. A self-signed certificate is a public key certificate that is signed with its own key rather than issued by a trusted authority. Such certificates are easy to create and free of cost. Their only drawback is that they carry no trust value. The cmdlet also accepts the “-CloneCert” parameter, which creates a copy of an existing certificate.

In this post, the creation of certificates with PowerShell will be elaborated.

New-SelfSignedCertificate: Creating Certificates With PowerShell

As described above, the “New-SelfSignedCertificate” cmdlet creates new self-signed certificates. Depending on the user’s requirements, these can be code signing certificates or document encryption certificates.

Example 1: Create a Simple Self-Signed Certificate

The following example creates a certificate and stores it in the specified location:

$Cert = New-SelfSignedCertificate -Subject NewCert -CertStoreLocation Cert:\CurrentUser\My
$Cert

 
In the code above:

    • First, initialize the variable “$Cert” to hold the result of the command.
    • The command starts with the “New-SelfSignedCertificate” cmdlet.
    • Then, add the “-Subject” parameter and specify the value “NewCert”.
    • After that, add the “-CertStoreLocation” parameter and assign it the path of the store in which to keep the certificate.
    • Lastly, call the variable to check whether the certificate was created.

 

Example 2: Create a Copy of the Specified Certificate

This demonstration creates a clone of an existing certificate:

Set-Location -Path "cert:\LocalMachine\My"
$Exis_Cert = (Get-ChildItem -Path FBBC90CD3A14C09092B565D0E4560DBFE505963D)
New-SelfSignedCertificate -CloneCert $Exis_Cert

 
In the code snippet above:

    • First, use the “Set-Location” cmdlet with the “-Path” parameter to change to the certificate store that holds the existing certificate.
    • After that, initialize a variable and use “Get-ChildItem” to retrieve the existing certificate by its thumbprint value.
    • Lastly, call the “New-SelfSignedCertificate” cmdlet with the “-CloneCert” parameter and pass it the variable that holds the existing certificate.

 

Example 3: Create a Code Signing Self-Signed Certificate

This example creates a new self-signed code signing certificate. To do so, assign the value “CodeSigningCert” to the “-Type” parameter:

$NewCert = New-SelfSignedCertificate -Type CodeSigningCert -Subject "CodeSigningCert" -CertStoreLocation Cert:\CurrentUser\My
$NewCert

 

Let’s verify that the code signing certificate was created by executing the code below:

$NewCert | Select-Object Subject,EnhancedKeyUsageList

 

Example 4: Create a Certificate With Two Years of Expiry

In this illustration, a certificate with a custom expiry of two years is created. To do so, add the “-NotAfter” parameter at the end and assign it the value “(Get-Date).AddMonths(24)”. The value “24” specifies 24 months, which is equal to two years:

New-SelfSignedCertificate -Subject Longer_Expiry -CertStoreLocation Cert:\CurrentUser\My -NotAfter (Get-Date).AddMonths(24)

 

Example 5: Create a Self-Signed Encrypted Certificate

The following example creates a document encryption certificate by assigning the value “DocumentEncryptionCert” to the “-Type” parameter:

$Doc_Cert = New-SelfSignedCertificate -Type DocumentEncryptionCert -Subject "Encrypt_Doc" -CertStoreLocation Cert:\CurrentUser\My
$Doc_Cert

 

Let’s verify that the document encryption certificate was created by executing the given command:

$Doc_Cert | Select-Object Subject,EnhancedKeyUsageList

 

Example 6: Get the List of Certificates

To list the certificates stored in a certificate store, run the given code:

Get-ChildItem -Path Cert:\LocalMachine\My
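
The listing above can be narrowed to the self-signed certificates that the earlier examples leave behind in a store. The following is an added example, not part of the original post: it creates a short-lived test certificate, reports each certificate whose Subject equals its Issuer, and then deletes the test certificate together with its private key. The function name “Get-SelfSignedCertReport” and the subject “CN=AuditDemo” are assumptions made for this example.

```powershell
# Added example (not from the original post). Needs Windows and the Cert: drive.
# Get-SelfSignedCertReport and the subject 'CN=AuditDemo' are hypothetical names.

function Get-SelfSignedCertReport {
    param([string]$StorePath = 'Cert:\CurrentUser\My')

    $now = Get-Date
    # Heuristic: a self-signed certificate names itself as its issuer.
    Get-ChildItem -Path $StorePath |
        Where-Object { $_.Subject -eq $_.Issuer } |
        ForEach-Object {
            [pscustomobject]@{
                Subject       = $_.Subject
                Thumbprint    = $_.Thumbprint
                NotAfter      = $_.NotAfter
                DaysLeft      = [math]::Floor(($_.NotAfter - $now).TotalDays)
                HasPrivateKey = $_.HasPrivateKey
                Usage         = ($_.EnhancedKeyUsageList.FriendlyName -join ', ')
                CodeSigning   = @($_.EnhancedKeyUsageList.ObjectId) -contains '1.3.6.1.5.5.7.3.3'
            }
        }
}

# Create a throwaway code signing certificate that expires in 7 days and
# whose private key cannot be exported from the store.
$test = New-SelfSignedCertificate -Type CodeSigningCert -Subject 'CN=AuditDemo' `
    -CertStoreLocation Cert:\CurrentUser\My -KeyExportPolicy NonExportable `
    -NotAfter (Get-Date).AddDays(7)

# Review the self-signed certificates in the store, soonest expiry first.
Get-SelfSignedCertReport | Sort-Object NotAfter | Format-Table -AutoSize

# Remove the test certificate and its private key once it is no longer needed.
Remove-Item -Path "Cert:\CurrentUser\My\$($test.Thumbprint)" -DeleteKey
```

The “CodeSigning” column compares against 1.3.6.1.5.5.7.3.3, the object identifier of the Code Signing enhanced key usage, so it does not depend on the localized friendly name.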

 

That was all about using the “New-SelfSignedCertificate” cmdlet to create certificates in PowerShell.

Conclusion

The “New-SelfSignedCertificate” cmdlet creates new self-signed certificates for testing purposes. These are public key certificates that are not issued by any trusted authority. They are easy to create and free of cost. The cmdlet can also create code signing and document encryption certificates. This post has elaborated on the “New-SelfSignedCertificate” cmdlet.

About the author

Muhammad Farhan

I am a Computer Science graduate and now a technical writer who loves to provide the easiest solutions to the most difficult problems related to Windows, Linux, and Web designing. My love for Computer Science emerges every day because of its ease in our everyday life.