Create a self-signed certificate for development

This is a bit of an aide-memoire, based on

The short form is, you can do this in PowerShell:

  • Open Powershell, running as administrator.
  • Run:

New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "example.local" -FriendlyName "example.local" -NotAfter $([datetime]::now.AddYears(5))

  • Go to “Manager Computer Certificate” or run CERTMGR. You should see your certificate

Next, we want to trust this certificate. We’ll need to export it.

  • To export the certificate file you just created as a .PFX file, right click on the certificate, All Tasks -> Export…
  • When the Export menu item is selected, an export wizard is run. On the first window read through the information and click the next button.
  • In the next window, select the radio button “Yes, export the private key” and then click the next button.
  • Select Export Extended Properties, and click next
  • Set a password for the .PFX file you want to create#
  • Choose a path and export the .pfx file

Now import it into the “Trusted Root Certification Authorities” that you can see in Certificate Manager

  • Expand Trusted Root Certification Authorities –> right-click Certificates –> All Tasks –> Import.
  • Select the file you just exported. Note that you may need to change the file type to Personal Information Exchange.
  • Click Next, Fill in your file’s password, and complete the import.

That should be it completed.


An alternative to export the cert:

Copy the Thumbprint of the cert in your Powershell window.

$pwd = ConvertTo-SecureString -String "" -Face -AsPlainText
Export-PfxCertificate -cert cert:\localMachine\my\#Thumbprint# -FilePath #FilePath# -Password $pwd

Create a self-signed certificate for development

Configuring SSL/TLs made easy

I’ll admit, I find the configuration of SSL and TLS something of a mystery – I like to leave that stuff to the admin guys and get on with the coding. It’s something of a black art, and there seem to be so many obscurely named vulnerabilities that it’s a bit difficult to handle without being a specialist. (Heartbleed? Bar Mitzvah? Lucky 13? Poodle? I mean, seriously, POODLE?)

However, I was recently given a PowerShell script and told to ‘fix these servers’ – and it was very easy. Continue reading “Configuring SSL/TLs made easy”

Configuring SSL/TLs made easy

Enable SSL for sending emails on Sitecore

I was asked to use a GMail server to send emails from Sitecore with. This is actually a pretty reasonable request – but GMail only supports connections over TLS or SSL. Configuring Web Forms for Marketers to use this was proving … interesting, until I found this excellent article by Mark CassidyContinue reading “Enable SSL for sending emails on Sitecore”

Enable SSL for sending emails on Sitecore