Menu
The PowerShell command below creates a self-signed certificate with SHA1 as signature algorithm.
New-SelfSignedCertificate -DnsName "MyCertificate", "www.contoso.com" -CertStoreLocation "cert:\LocalMachine\My" -Provider "Microsoft Strong Cryptographic Provider"
Is there any value that I can pass to this command (for example: -KeyAlgorithm) to make the certificate generated using SHA256 as signature algorithm?
806
To create a self-signed certificate with PowerShell, we need to use the New-SelfSignedCertificate command. When you create a self-signed certificate manually, you need to give few properties like DNSName, FriendlyName, Certificate start date, expiry date, Subject, a path of the certificate.
To create a self-signed code-signing certificate, run the New-SelfSignedCertificate command below in PowerShell. The Type parameter specifies to create a CodeSigningCert certificate type. The certificate will be valid for 24 months. Note that assigning a specific validity period is optional with the NotAfter parameter.
KeyAlgorithm parameter defines the public key algorithm which is not related to signature algorithm (what you are trying to accomplish). Instead, you need to use -HashAlgorithm parameter and specify SHA256 as a parameter value:
New-SelfSignedCertificate -DnsName "MyCertificate", "www.contoso.com" `
-CertStoreLocation "cert:\LocalMachine\My" `
-Provider "Microsoft Strong Cryptographic Provider" `
-HashAlgorithm "SHA256"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
