I have subdomain.example.com
that I use for development purposes. My web application solution contains a web API etc, that I need to call from external systems, hence I am not using localhost.
I now need to test for SSL and need a certificate for my subdomain.example.com
development domain name.
I have tried creating a self-signed certificate as outlined in Create a Self-Signed Server Certificate in IIS 7, but this certificate only works locally. Can this certificate be used for my purpose or will I have to create a self-signed certificate for my development subdomain?
ベストアンサー1
Using PowerShell
From Windows 8.1 and Windows Server 2012 R2 (Windows PowerShell 4.0) and upwards, you can create a self-signed certificate using the new New-SelfSignedCertificate
cmdlet:
Examples:
New-SelfSignedCertificate -DnsName www.mydomain.example -CertStoreLocation cert:\LocalMachine\My
New-SelfSignedCertificate -DnsName subdomain.mydomain.example -CertStoreLocation cert:\LocalMachine\My
New-SelfSignedCertificate -DnsName *.mydomain.example -CertStoreLocation cert:\LocalMachine\My
Using the IIS Manager
Note that IIS certificates use SHA-1 hashing, which isn't supported by modern browsers. IIS cannot create certificates using SHA-2 hashing options, thus it cannot create SSL certificates accepted by modern browsers.
- Launch the IIS Manager
- At the server level, under IIS, select Server Certificates
- On the right hand side under Actions select Create Self-Signed Certificate
- Where it says "Specify a friendly name for the certificate" type in an appropriate name for reference.
- Examples:
www.domain.example
orsubdomain.domain.example
- Examples:
- Then, select your website from the list on the left hand side
- On the right hand side under Actions select Bindings
- Add a new HTTPS binding and select the certificate you just created (if your certificate is a wildcard certificate you'll need to specify a hostname)
- Click OK and test it out.