Database Reference
In-Depth Information
You can easily create a self-signed certificate using the
MakeCert.exe
utility. To create a certificate on
your machines, run the following command at a command line. You need to execute this statement as
an Administrator or the command will fail:
makecert -ss root -pe -r -n "CN=BlueSyntaxTest" -sky Exchange -sr LocalMachine
Here is a brief overview of the options used to create this certificate:
-ss root
stores the certificate in the root certificate store.
•
-pe
marks the private key exportable.
•
•
-r
creates a self-signed certificate (meaning that it wasn't issued by a root
certificate authority (CA) like Thawte).
-n "CN=..."
specifies the subject's name of the certificate.
•
•
-sky Exchange
specifies that the certificate is used for encryption.
•
-sr LocalMachine
specifies that the certificate store location as
LocalMachine
.
Note
Make sure you run this statement as an Administrator, or you'll get an error that looks like this:
Error:Save encoded certificate to store failed => 0x5 (5)
.
To verify that your certificate was properly installed, open
mmc.exe
. Select File
Add/Remove Snap
In. Then, select Certificates, click Add, choose Computer, and click OK. Expand the tree on the left to
view the certificates under Trusted Root Certification Authorities. Figure 4-4 shows the BlueSyntaxTest
certificate that was created with the earlier command.
→
Figure 4-4.
Viewing certificates on your machine