Microsoft provides an IIS resource kit that provides an application to create a self-signed SSL certificate. The application is called selfssl.exe. The steps for creating the SSL certificate are listed below.
- Download and install the IIS resource kit.
- Open a cmd prompt and type: cd “c:Program FilesIIS ResourcesSelfSSL”
- Create the self-signed SSL certificate by just typing: selfssl.exe
There are a number of command line parameters you can enter to modify the default settings. They are listed below
C:Program FilesIIS ResourcesSelfSSL>selfssl /?
Microsoft (R) SelfSSL Version 1.0
Copyright (C) 2003 Microsoft Corporation. All rights reserved.Installs self-signed SSL certificate into IIS.
SELFSSL [/T] [/N:cn] [/K:key size] [/S:site id] [/P:port]/T Adds the self-signed certificate to “Trusted Certificates”
list. The local browser will trust the self-signed certificate
if this flag is specified.
/N:cn Specifies the common name of the certificate. The computer
name is used if not specified.
/K:key size Specifies the key length. Default is 1024.
/V:validity days Specifies the validity of the certificate. Default is 7 days.
/S:site id Specifies the id of the site. Default is 1 (Default Site).
/P:port Specifies the SSL port. Default is 443.
/Q Quiet mode. You will not be prompted when SSL settings are
overwritten.The default behaviour is equivalent with:
selfssl.exe /N:CN=SERVER /K:1024 /V:7 /S:1 /P:443
Below is an example of creating the self-signed SSL certificate
C:Program FilesIIS ResourcesSelfSSL>selfssl
Microsoft (R) SelfSSL Version 1.0
Copyright (C) 2003 Microsoft Corporation. All rights reserved.Do you want to replace the SSL settings for site 1 (Y/N)?y
The self signed certificate was successfully assigned to site 1.C:Program FilesIIS ResourcesSelfSSL>cd “c:Program Files”
Posted by Rob Chee