Skip to content
Find file
Fetching contributors…
Cannot retrieve contributors at this time
37 lines (30 sloc) 1.59 KB
layout title version
Creating Self-signed Signing Certificates


  • Windows SDK 7.1


To produce a self-signed certificate on Windows that can be used for signing CoApp packages, we need to create an installable certificate, install it into a certificate store, and then export a .pfx file from it. All below commands must be entered in a Windows SDK command prompt (this is not the same as a standard command prompt!).

  1. Creating an installable certificate
  2. Installing a certificate
  3. Exporting a .pfx signing file

1. Creating an installable certificate

To generate a new installable self-signed certificate, enter the following:

makecert -pe -ss MY -sr LocalMachine -$ individual -n "CN=<CertName>" -len 2048 -r "<CertName>.cer"

This will generate an installable certificate file named <CertName>.cer in the current directory.

2. Installing a certificate

To install a certificate file (like the one made in the previous step), enter the following:

CertMgr.exe /add "<CertName>.cer" /s /r localMachine root

This will install the <CertName> certificate into the LocalMachine\root certificate store.

3. Exporting a .pfx signing file

To export a private key signing file for an installed certificate, enter the following:

certutil.exe -privatekey -exportpfx "<CertName>" "<CertName>.pfx"

This will create a <CertName>.pfx signing key in the current directory. This .pfx file can be used by SimpleSigner to sign package files.

Jump to Line
Something went wrong with that request. Please try again.