MakeCert - is it possible to change the key size?

Question

When I generate a certificate using MakeCert.exe, I want to change the key size from 1024 to 2048.

Is this possible? Or do I need to setup a certificate authority (CA)?

See [my answer](http://stackoverflow.com/a/12108020/886319) to an other topic which allow you to ask for a 2048 bits certificate to a third-party CA using certreq. — gyzpunk, Aug 24 '12 at 11:01

score 12 · Accepted Answer · edited Dec 15 '18 at 20:16

12

Here the following syntax is used:

makecert -pe -ss MY -$ individual -n "CN=your name here" -len 2048 -r

Sorry I cannot test it, since I don't have Makecert.

edited Dec 15 '18 at 20:16

Peter Mortensen

answered Jan 21 '09 at 01:06

RSabet

I was able to use makecert from VS2010 to specify `-len 2048` param – Eugene S. Dec 07 '11 at 15:53
3

The claim in another answer is that "-len 2048" only works if your CRYPTO\RSA keys folder does not already have a 1024bit key cached from a previous copy of the certificate; manual deletion of the key is required. This matches my observations. – EricLaw Mar 26 '14 at 16:28

score 1 · Answer 2 · edited Dec 15 '18 at 20:18

1

A description of Makecert options can be found at MSDN, but I didn't see an explicit one for setting the key length.

edited Dec 15 '18 at 20:18

Peter Mortensen

answered Jan 21 '09 at 00:26

ISW

1

Cheers ISW, I have looked on MSDN but I couldn't see any options for setting the key size. – Rohan West Jan 21 '09 at 00:30
1

"makecert -!" will also give you help for all the advanced options including "-len". – Jeremy Wiebe Jan 18 '10 at 19:57

2 Answers2