Creating a Self-Signed SSL Certificate with an Exportable Private Key

Overview

CERTREQ can generate a self-signed certificate, but the private key won't be exportable. This article provide a procedure to create a self-signed SSL certificate with a private key that is exportable.

Pre-requisites


Procedure

Adapted from: http://stackoverflow.com/questions/13509548/how-to-create-a-private-key-exportable-self-signed-certificate

(1) Open a Command Window

IMPORTANT: Run as Administrator

(2) Create a self-signed certificate

"C:\OpenSSL-Win64\bin\openssl.exe" req -x509 -days 30 -newkey rsa:2048 -keyout mycert.pem -out mycert.pem

(3) Enter and Validate the PEM Pass Phrase

(4) Enter the certficate info

(5) Convert the certificate to a PFX file

"C:\OpenSSL-Win64\bin\openssl.exe" pkcs12 -export -in mycert.pem -out mycert.pfx

(6) If necessary, copy the PFX file to the server where it's to be installed.

(7) Double-click the PFX file to open the Certificate Import Wizard.