Creating X.509 Certificates using makecert.exe

8 באפריל 2008



Creating x.509  certificates is a very common task. Unfortunately the knowledge how to do it is quite rare. If you want a certificate that the whole world would trust you need to buy one, but if you need it for your own use you can create it using a tool called MakeCert.exe

After downloading the tool you have to perform the following procedure:

Creating a Root Certificate Authority

makecert.exe -n "CN=My Root CA,O=Organization,OU=Org Unit,L=San Diego,S=CA,C=US" -pe -ss my -sr LocalMachine -sky exchange -m 96 -a sha1 -len 2048 -r My_Root_CA.cer

Import Root Certificate Authority Certificate into Trusted Root Store

certutil.exe -f -addstore Root My_Root_CA.cer

Create Backup (Export) PFX file of Root Certificate Authority Certificate

certutil.exe -privatekey -exportpfx "My Root CA" My_Root_CA.pfx

Create a Server Certificate issued from the previously created Certificate Authority

makecert.exe -n "CN=Server" -pe -ss my -sr LocalMachine -sky exchange -m 96 -in "My Root CA" -is my -ir LocalMachine -a sha1 -eku, Server.cer

Create Backup (Export) PFX file of Server Certificate

certutil.exe -privatekey -exportpfx "Server" Server.pfx

Create a Computer certificate issued from the previously created Certificate Authority

makecert.exe -n "CN=Computer" -pe -ss my -sr Localmachine -sky exchange -m 96 -in "My Root CA" -is my -ir LocalMachine -a sha1 -eku Computer.cer

Create Backup (Export) PFX file of Computer Certificate

certutil.exe -privatekey -exportpfx "Computer" Computer.pfx

OID Reference

Encrypting File System (

Secure Email (

Smart Card Logon (

Client Authentication (

Server Authentication (

IP security IKE intermediate (



Add comment
facebook linkedin twitter email

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



  1. Leo6 ביוני 2008 ב 7:44

    Awesome. Thanks a lot!

  2. fs27 בינואר 2009 ב 16:46

    Thanks, saved me lots of time.

  3. D2 באפריל 2009 ב 18:21

    Simply fantastic!. Thank you.

  4. Gopi11 במאי 2009 ב 10:50

    Thank you soo much.

  5. Parag Patel5 בספטמבר 2009 ב 12:24

    Great page,
    If i see digital signature's property of .exe after sing it using certificate it shows email filed "Note available". How can i fill this email filed?

  6. Daniel Sage25 בפברואר 2010 ב 0:42

    I know it is a little old of a post but, I get the following error.

    Error: Can not specify issuer's private key information for self signed certificate. Please use -sp and -sy instead.

    I am using the following command :

    makecert -r -pe -n "CN=*,O=Daniel Sage,OU=Web Safety,L=Lombard,S=IL,C=US" -pe -ss my -sr LocalMachine -sky exchange -m 96 -in "Daniel Sage Private Certification Services" -is my -ir LocalMachine -a sha1 -eku, "D:\DSCert.cer"

    With the ca command being :

    makecert -n "CN=Daniel Sage Private Certification Services,O=Daniel Sage,OU=Web Safety,L=Lombard,S=IL,C=US" -pe -ss my -sr LocalMachine -sky exchange -m 96 -a sha1 -len 2048 -r "D:\DSRoot.cer"

    Please help and thanks for the great page.

  7. Daniel Sage26 בפברואר 2010 ב 5:20

    Nevermind, I was able to get it to work.

    Thanks again for the great page. Really helps.

  8. Agha Usman1 ביולי 2010 ב 11:35

    Did the job for me .. excellent job

  9. Deepak14 ביוני 2011 ב 22:08

    This was an awesome step by step instruction…. Could you please help in finding a third party vendor like Verisign who issue this sort of certificates.

    I am trying to use this for WCF, The certificate which I create is perfectly working. But certificate is not working.


  10. bandish27 בפברואר 2012 ב 6:44

    Excellent thanks mate

  11. Andreas Knöpfel13 באפריל 2012 ב 18:58

    Great help – Thanks 🙂

  12. Robert V.4 ביוני 2012 ב 18:21

    Thank you, this helped me a lot!

  13. Jon Fullerton1 ביולי 2012 ב 4:43

    Great help, how do you use makecert to create a smart card logon certificate on a smart card so that the generated certificate and associated private key is in the smart card?


  14. Merlin10 באוקטובר 2012 ב 0:14

    Thank you very much for putting this together.

  15. Dodd20 באוקטובר 2012 ב 6:30

    It's going to be finish of mine day, but before finish I am reading this wonderful piece of writing to improve my know-how.

  16. Nathan29 באוקטובר 2012 ב 18:29

    It's fantastic that you are getting ideas from this article as well as from our argument made at this time.

  17. Wick8 בנובמבר 2012 ב 0:40

    Hello everyone, it's my first visit at this web site, and post is genuinely fruitful in support of me, keep up posting these types of articles or reviews.

  18. Blalock12 בנובמבר 2012 ב 13:14

    Very energetic blog, I loved that bit. Will there be a part 2?

  19. Winston12 בנובמבר 2012 ב 15:14

    I'm not sure exactly why but this site is loading very slow for me. Is anyone else having this problem or is it a issue on my end? I'll check back later and see
    if the problem still exists.

  20. Macpherson2 בדצמבר 2012 ב 14:13

    I blog quite often and I genuinely thank you for your content.
    The article has truly peaked my interest. I will take a note of your site and keep checking
    for new information about once per week. I opted in for your RSS
    feed too.

  21. Ennis4 בדצמבר 2012 ב 17:01

    Appreciation to my father who informed me on the topic of this web site,
    this webpage is in fact awesome.

  22. Mangum5 בדצמבר 2012 ב 2:03

    I am not certain where you're getting your info, but good topic. I must spend some time learning more or working out more. Thank you for excellent information I used to be in search of this info for my mission.

  23. Ventura5 בדצמבר 2012 ב 9:21

    This post is in fact a pleasant one it helps new web users,
    who are wishing for blogging.

  24. Seward8 בדצמבר 2012 ב 8:38

    I like looking through a post that can make men and women think.
    Also, thank you for allowing me to comment!

  25. Pereira15 בדצמבר 2012 ב 8:47

    Really no matter if someone doesn't understand after that its up to other users that they will assist, so here it occurs.

  26. Stubbs18 בדצמבר 2012 ב 6:58

    This post will help the internet visitors for setting up new
    webpage or even a weblog from start to end.

  27. Bustos19 בדצמבר 2012 ב 5:28

    Hello everybody, here every person is sharing these
    kinds of experience, thus it's good to read this web site, and I used to go to see this web site every day.

  28. Dove24 בדצמבר 2012 ב 5:51

    It's very trouble-free to find out any matter on web as compared to textbooks, as I found this piece of writing at this web page.

  29. Waggoner26 בדצמבר 2012 ב 16:05

    Very good post. I'm dealing with some of these issues as well..

  30. Farrow27 בדצמבר 2012 ב 10:48

    Excellent article. I definitely appreciate this
    site. Continue the good work!

  31. Angel28 בדצמבר 2012 ב 20:09

    It's going to be finish of mine day, except before ending I am reading this impressive post to increase my knowledge.

  32. Burrows2 בינואר 2013 ב 18:20

    Thanks for finally writing about >Creating X.509 Certificates using makecert.

    exe – Manu Cohen-Yashar's Blog Reply

  33. Applegate2 בינואר 2013 ב 19:01

    I know this website provides quality dependent articles or
    reviews and additional stuff, is there any other web page
    which gives such things in quality?

  34. Crider1 בפברואר 2013 ב 5:28

    I got this web site from my buddy who told me about this website and at the moment this time I am browsing
    this web page and reading very informative articles or reviews at this place.

  35. Mckinney9 בפברואר 2013 ב 18:52

    This post is truly a good one it helps new net users, who are wishing for blogging.

  36. Boyette12 בפברואר 2013 ב 21:37

    Keep on working, great job!

  37. Bartlett18 בפברואר 2013 ב 7:40

    It's an awesome post for all the internet people; they will take advantage from it I am sure.

  38. Gifford23 בפברואר 2013 ב 0:54

    This post is priceless. When can I find out more?

  39. Griffiths25 בפברואר 2013 ב 14:12

    Quality articles or reviews is the key to invite the users to go
    to see the web site, that's what this web site is providing.

  40. Meadows27 בפברואר 2013 ב 23:21

    Amazing things here. I'm very satisfied to look your post. Thank you so much and I am taking a look forward to touch you. Will you please drop me a e-mail?

  41. Isaacson20 במרץ 2013 ב 10:00

    What's up, this weekend is good in favor of me, as this point in time i am reading this great educational article here at my residence.

  42. Ratcliff23 במרץ 2013 ב 16:33

    Do you have any video of that? I'd care to find out some additional information.

  43. Mcclelland20 באפריל 2013 ב 18:59

    You can certainly see your skills within the work you write.
    The arena hopes for more passionate writers like you who aren't afraid to say how they believe. Always go after your heart.

  44. Aguiar21 באפריל 2013 ב 16:21

    I like reading through a post that can make people think. Also, thanks for allowing me to comment!

  45. Kimbrough21 באפריל 2013 ב 20:39

    I'm curious to find out what blog platform you have been utilizing? I'm experiencing
    some minor security issues with my latest blog
    and I'd like to find something more secure. Do you have any recommendations?

  46. Kraus22 באפריל 2013 ב 2:53

    When someone writes an post he/she maintains the image of a user in his/her brain that
    how a user can know it. Thus that's why this paragraph is great. Thanks!

  47. Gilbreath22 באפריל 2013 ב 3:58

    I have been browsing on-line more than three hours nowadays, yet I
    never discovered any attention-grabbing article like
    yours. It's pretty price sufficient for me. Personally, if all webmasters and bloggers made good content material as you probably did, the net will likely be much more useful than ever before.

  48. Etheridge22 באפריל 2013 ב 6:08

    Hello, i feel that i saw you visited my site so i came to go back the choose?
    .I am trying to to find things to enhance my web site!
    I assume its good enough to use some of your ideas!

  49. Foote22 באפריל 2013 ב 6:42

    You've made some decent points there. I checked on the internet to learn more about the issue and found most individuals will go along with your views on this web site.

  50. Montenegro22 באפריל 2013 ב 6:54

    Hey there, I think your blog might be having browser compatibility issues.
    When I look at your website in Ie, it looks fine but when opening in Internet Explorer,
    it has some overlapping. I just wanted to give you
    a quick heads up! Other then that, superb blog!

  51. Burger2 במאי 2013 ב 16:38

    Excellent write-up. I absolutely appreciate this website.
    Stick with it!

  52. Sander2 במאי 2013 ב 17:33

    Wow, fantastic blog format! How lengthy have you ever been blogging
    for? you made running a blog glance easy. The total look of your site is
    wonderful, let alone the content material!

  53. Kilpatrick3 במאי 2013 ב 5:00

    Hurrah! In the end I got a webpage from where I know how to
    genuinely get useful information regarding my study and knowledge.

  54. Kang3 במאי 2013 ב 6:08

    It's genuinely very complex in this busy life to listen news on TV, therefore I only use web for that purpose, and obtain the most up-to-date news.

  55. Martino4 במאי 2013 ב 5:27

    Hey there! Would you mind if I share your blog with my facebook group?
    There's a lot of people that I think would really appreciate your content. Please let me know. Many thanks

  56. Heinrich4 במאי 2013 ב 6:01

    Howdy! I understand this is somewhat off-topic but I
    needed to ask. Does building a well-established website such as yours require a lot of work?
    I'm completely new to blogging however I do write in my journal everyday. I'd like to start a blog so I can share
    my personal experience and feelings online.
    Please let me know if you have any suggestions or tips for brand new aspiring blog owners.


  57. Appel4 במאי 2013 ב 6:12

    Thankfulness to my father who told me about this blog, this website is really awesome.

  58. Schuster4 במאי 2013 ב 13:49

    What's up friends, good article and good arguments commented at this place, I am in fact enjoying by these.

  59. Munn4 במאי 2013 ב 16:29

    I do not even know how I stopped up right here, but I assumed
    this put up was once great. I do not recognise who you might be however
    definitely you're going to a well-known blogger when you aren't already.

  60. Kinard4 במאי 2013 ב 17:48

    Saved as a favorite, I love your blog!

  61. Oliva4 במאי 2013 ב 23:22

    Good day! This is my first visit to your blog!
    We are a team of volunteers and starting a new initiative in
    a community in the same niche. Your blog provided us useful
    information to work on. You have done a outstanding job!

  62. Hendricks5 במאי 2013 ב 11:34

    I know this site presents quality based articles or reviews and
    additional data, is there any other website which offers
    such information in quality?

  63. Geary5 במאי 2013 ב 23:37

    Post writing is also a fun, if you know afterward you can write
    otherwise it is complicated to write.

  64. Withrow6 במאי 2013 ב 4:59

    It's very straightforward to find out any matter on net as compared to books, as I found this post at this web site.

  65. Fryer6 במאי 2013 ב 7:47

    We stumbled over here different web address and thought I
    might as well check things out. I like what I see so now i am following
    you. Look forward to exploring your web page repeatedly.

  66. Stpierre6 במאי 2013 ב 18:02

    I know this if off topic but I'm looking into starting my own weblog and was curious what all is needed to get set up? I'm
    assuming having a blog like yours would cost a pretty penny?
    I'm not very web smart so I'm not 100% certain.

    Any recommendations or advice would be greatly appreciated.

  67. Christmas7 במאי 2013 ב 5:09

    This is a topic that's close to my heart… Best wishes! Exactly where are your contact details though?

  68. Hood8 במאי 2013 ב 6:20

    bookmarked!!, I really like your website!

  69. Brinkman8 במאי 2013 ב 22:19

    At this time I am ready to do my breakfast, after having my breakfast coming again to read further

  70. Naylor9 במאי 2013 ב 0:38

    Hi, i believe that i saw you visited my blog thus i came to return the favor?
    .I'm attempting to to find issues to improve my site!I suppose its ok to make use of some of your concepts!!

  71. Bartels14 במאי 2013 ב 12:05

    Can you tell us more about this? I'd care to find out more details.

  72. Post9 ביוני 2013 ב 9:18

    Have you ever considered about adding a little bit more than just your
    articles? I mean, what you say is fundamental and all.
    But think about if you added some great graphics or video
    clips to give your posts more, "pop"! Your content is excellent but with pics and video clips, this blog could undeniably be one of the very best in
    its niche. Excellent blog!

  73. Armenta20 ביוני 2013 ב 0:48

    I was extremely pleased to find this web site.
    I want to to thank you for your time due to
    this wonderful read!! I definitely savored every little bit of it
    and I have you book marked to look at new things on your website.

  74. Mcmahon21 ביוני 2013 ב 23:21

    It's a shame you don't have a donate button!
    I'd without a doubt donate to this brilliant blog! I suppose for now i'll settle for bookmarking and adding your RSS feed to my Google account.

    I look forward to new updates and will talk
    about this blog with my Facebook group. Chat

  75. Pickett21 ביוני 2013 ב 23:29

    We stumbled over here different page and thought I should check things out.
    I like what I see so i am just following you. Look forward to looking
    at your web page repeatedly.

  76. KenH12 באוגוסט 2013 ב 19:29

    Finally, someone that has a clue regarding the complete string of information associated with the full amount of data regarding the individual involved with the cert, I'd been searching for days thinking there was switches I need, to add the organization, city, copyright info etc etc, not realizing that the certs in windows always had the symbols associated with what I was looking for, eg: L=city, S=state etc etc, though I had no idea on how to include it into the command, though after reading this posting, shouldv'e known that it's to be included between the exclamation marks, separated by a comma…
    Thankyou so much…
    Ken H…

  77. Ken H13 באוגוסט 2013 ב 6:20

    Hi, back again, figured I'd come back to fill you in on a couple more OID References I
    found when making certs to sign cats for drivers.

    Code Signing (
    Windows System Component Verification (

    Thanks again for the info provided above.

  78. Frummaspabbab2 בספטמבר 2013 ב 12:06

    Michael jordan is the greatest basketball player,there is no one can follow him back.