How to issue a self-signed certificate

To have a properly working SSL web site you have to assign a SSL certificate to it. A real one costs real money. Easily especially for development to issue a self-signed one.

To create certificates I will use MakeCert.exe that is shipped with Windows SDK (usual path is %ProgramFiles%\Microsoft SDKs\Windows\v7.1A\Bin\).

First step: create a certificate at TempCA.cer with subject name CA=TempCA with private key kept in TempCA.pvk:

makecert -n "CN=TempCA" -r -sv TempCA.pvk TempCA.cer

Second step: create a certificate at SignedByCA.cer in container SignedByCA with subject name (probably should correspond to the web site address) signed by root authority certificate TempCA.cer with private key at TempCA.pvk and save it into the store named My for CurrentUser:

makecert -sk SignedByCA -n "" -iv TempCA.pvk -ic TempCA.cer SignedByCA.cer -sr CurrentUser -ss My

Third step: generate Personal Information Exchange (.pfx) file at TempCA.pfx from certificate TempCA.cert and private key TempCA.pvk (with no password):

Pvk2Pfx -pvk TempCA.pvk -spc TempCA.cer -pfx TempCA.pfx -f

See MSDN for more details.