I've used the makecert.exe to create a certificate, but I'm not sure what exactly is happening, or what some of the commands mean.
This is my command:
makecert -r -pe -n "CN=Test certificate" -b 10/22/2015 -e 10/22/2016 -ss my -len 2048
To make things clear, I followed a guide in creating this certificate, and I simply wish to know what's going on
I understand most of this command such as
-r = making the certificate self-signed,
-pe = making the private key exportable,
-n = specifies the name of the certificate subject,
-b = specifies the beginning date of the validation period,
-e = specifies the end date of the validation period,
-len = specifies the key length in bits.
What I don't understand is the -ss my. I'm not quite sure what exactly this means. Could anyone clarify this for me?
Note: if any of the other commands are wrong, please enlighten me
Related
I'm trying to create a new sel certificate in order to specify a duration different than the one created by default from an application.
Using the command:
makecert.exe -b 10/10/2015 -m 36 -n "CN=MYSERVER.domain.com" -sk "MYSERVER.domain.com" -sky "exchange" -sr localmachine -ss my -in "SelfSignedCA" -ir localmachine -is root
but system prevent me providing "Fail to acquire a security provide from the issuer's certificate - Failed".
I'm not so confident in creating the certificates...any help?
thanks in advance!
I have Fiddler configured to decrypt SSL traffic from a Java application.
But I am seeing the following error in the Fiddler log:
19:39:27:1726 Fiddler.CertMaker> [C:\Program Files (x86)\Fiddler2\MakeCert.exe -pe -ss my -n "CN=test.example.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com" -sky exchange -in DO_NOT_TRUST_FiddlerRoot -is my -eku 1.3.6.1.5.5.7.3.1 -cy end -a sha1 -m 132 -b 03/26/2013] Returned Error: Creation of the interception certificate failed.
makecert.exe returned -1.
Results from C:\Program Files (x86)\Fiddler2\MakeCert.exe -pe -ss my -n "CN=test.example.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com" -sky exchange -in DO_NOT_TRUST_FiddlerRoot -is my -eku 1.3.6.1.5.5.7.3.1 -cy end -a sha1 -m 132 -b 03/26/2013
Error: Fail to acquire a security provider from the issuer's certificate
Failed
Does anyone know how to fix this?
This likely means that you have a 3rd party encryption provider installed (e.g. Entrust or some VPN software) that is preventing MakeCert from generating the End-Entity certificate from the FiddlerRoot certificate.
There are some ways to workaround that, but the simplest is to try using http://fiddler2.com/r/?FiddlerCertMaker instead, as it doesn't rely on makecert.exe.
C:\windows\system32\makecert.exe -r -n "CN=HanuSoft CA" -pe -sv HanuSoftCA.pvk -a sha1 -len 2048 -b 09/04/2013 -e 09/05/2016 -cy authority HanuSoft.cer
after taking password..
Succeed
but m not found any certificate in certmgr windows,
please any one help to resolve this problem why its not generate or other prob with it.
Both private key and public key were stored in the .pvk file, not immediately import into the keystore.
I'm having an error trying to enable a SSL Certificate for the WS-AT module fot MSDTC:
I've already follow the steps to create the certificate:
How to: Create and Install Temporary Client Certificates in WCF During Development
But still got this error:
"Could not use the SSL Certificate because it does not support Key Encipherment or Digital Signature"
I also made sure that I am using an admin accont and Application Data --> Microsoft --> Crypto -->RSA --> key file has the necessary full permissions to the admin account I am using
I'm using IIS 7, on a Windows 7 machine
Any clues?
I've made it work, finally. I've used the next commands
makecert.exe -pe -n CN=MyCN -cy authority -r -sv C:\Mycer.pvk C:\Mycer.cer
makecert.exe -ss Root -sr LocalMachine -n CN=MyCN -cy authority -r -sv C:\Mycer.pvk
makecert -ss My -sr LocalMachine -n CN=MyFullDomainName -sky exchange -ir LocalMachine -iv C:\Mycer.pvk -ic C:\Mycer.cer
hope it helps someone
echo off
set SERVER_NAME=localhost
echo ---------------------------------------------------------------------
echo Server cert setup starting
echo for server: %SERVER_NAME%
echo making server cert
makecert.exe -sr LocalMachine -ss MY -a sha1 -n CN=%SERVER_NAME% -sky exchange -pe
echo ---------------------------------------------------------------------
In which folder of the Microsoft Management Console (MMC) shall I put the certificate?
Why don't you use Documentation?
sr parameter = location. In your case LocalMachine
ss parameter = store. In your case My which means Personal in Certificate snap-in
So you will find your certificate when you open Certificate snap-in for Local computer and check Personal store.