In this blog we will discuss how we can create self-signed certificates for only test purposes during development. Make sure this procedure are not supported in production environments.
Step 1: First open Visual studio development command prompt to run following command.
Run Command and Provide Password for Certificate:
makecert -r -pe -n "CN=IsvCertTestAuthority O=IsvCertTestAuthority" -ss CA -sr LocalMachine -a sha256 -len 2048 -cy authority -sky signature -b 01/01/2020 -sv c:\temp\CA.pvk c:\temp\CA.cer
Note: If you need to know the meanings and purpose of the command parameters you can go throught this link https://docs.microsoft.com/en-us/windows/desktop/SecCrypto/makecert
Step 2: Create a certificate by using the CA.
makecert -pe -n "CN=IsvCertTest O=IsvCertTest" -ss ISVStore -sr LocalMachine -a sha256 -len 2048 -cy end -sky signature -eku 18.104.22.168.22.214.171.124.3 -ic c:\temp\ca.cer -iv c:\temp\ca.pvk -b **/**/**** -sv c:\temp\isvcert.pvk c:\temp\isvcert.cer
Note: Replace stars (Special Character) with date in above command.
Step 3: Convert the ISV certificate to PFX format.
pvk2pfx -pvk c:\temp\isvcert.pvk -spc c:\temp\isvcert.cer -pfx c:\temp\isvcert.pfx -po ********
Note: Replace stars (Special Character) with your password given above. In my case my password is "123".
Step 4: Import the self-signed CA certificate manually on all the AOS instances.
certutil -addstore root c:\temp\ca.cer
That is all you want to do in order to create self-signed certificates. At this navigation you can see your created certificates as shown in image.
You can also refer this link above example is taken from microsoft documents.
ISV Licensing .