Create self-signed SSL certificate for development environment

Under Windows 10+ it is quite easy to generate a self-signed certificate and use it in the local Internet Information Server (IIS) for a locally defined domain. This can then be tested realistically via an https connection.

  1. I start with an entry in the [WINDOWS]\System32\drivers\etc\hosts file (WINDOWS usually stands for: c:\windows) e.g. E.g.: 127.0.0.1 mysite.local

  2. Then I open Powershell as Administrator and run the following line:
    New-SelfSignedCertificate -Subject *.mysite.local -DnsName *.mysite.local -CertStoreLocation cert:\LocalMachine\My -NotAfter (Get-Date).AddYears(10)
  3. Now I use the Microsoft Management Console (mmc) and add the Certificates snap-in. In the Console Root > Certificates (Local Computer) > Personal Certificates > Certificates section, I select the certificate I just created and copy it to Console Root > Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.

  4. In IIS you can now create a website with the binding https://mysite.local and use the generated certificate for this.

Incidentally, the certificate is defined as a wildcard certificate, so that it can also be used for subdomains such as https://dev.mysite.local.

Create self-signed SSL certificate for development environment