2

I am using the following command to create certificate and this certificate will be used in window application. This certificate we need to validate application for cyberark security tool.

New-SelfSignedCertificate -DnsName "www.companyname.com", "www.companyname.com" -CertStoreLocatio "cert:\LocalMachine\My" -Type "CodeSigningCert" -Subject "Application Name" -KeyUsage "DigitalSignature"

By using above command, I am able to create certificate.

Problem:

1.When I am looking into the installed certificate, it is showing:

enter image description here

2.It also show only one year valid date. How I can increase the valid date range more than one year.

Uwe Keim
  • 39,551
  • 56
  • 175
  • 291
Sunny
  • 3,185
  • 8
  • 34
  • 66

1 Answers1

5

Self-signed certificates aren't considered trustworthy unless you tell machines to trust them. Because cybercreeps.

To make your self-signed certificate trusted by a Windows machine, you must import it into the Trusted Root Certification Authority / Certificates location in the machine's certificate store. There are plenty of tutorials out there to walk you through this. Look for "How to install a self-signed certificate on Windows".

For the validity duration problem: Add -NotAfter (Get-Date).AddYears(10) to your command line if you want a self-signed certificate good for ten years.

Docs here.

O. Jones
  • 103,626
  • 17
  • 118
  • 172