Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

KeyAlgorithm for SHA256

The PowerShell command below creates a self-signed certificate with SHA1 as signature algorithm.

New-SelfSignedCertificate -DnsName "MyCertificate", "www.contoso.com" -CertStoreLocation "cert:\LocalMachine\My" -Provider "Microsoft Strong Cryptographic Provider"

MyCertificate

Is there any value that I can pass to this command (for example: -KeyAlgorithm) to make the certificate generated using SHA256 as signature algorithm?

like image 806
Believe2014 Avatar asked Apr 20 '16 03:04

Believe2014


People also ask

How do I create a certificate in PowerShell?

To create a self-signed certificate with PowerShell, we need to use the New-SelfSignedCertificate command. When you create a self-signed certificate manually, you need to give few properties like DNSName, FriendlyName, Certificate start date, expiry date, Subject, a path of the certificate.

How do I create a code signing certificate in PowerShell?

To create a self-signed code-signing certificate, run the New-SelfSignedCertificate command below in PowerShell. The Type parameter specifies to create a CodeSigningCert certificate type. The certificate will be valid for 24 months. Note that assigning a specific validity period is optional with the NotAfter parameter.


1 Answers

KeyAlgorithm parameter defines the public key algorithm which is not related to signature algorithm (what you are trying to accomplish). Instead, you need to use -HashAlgorithm parameter and specify SHA256 as a parameter value:

New-SelfSignedCertificate -DnsName "MyCertificate", "www.contoso.com" `
    -CertStoreLocation "cert:\LocalMachine\My" `
    -Provider "Microsoft Strong Cryptographic Provider" `
    -HashAlgorithm "SHA256"
like image 158
Crypt32 Avatar answered Oct 27 '22 16:10

Crypt32