Create SSL with Subject Alternative Name | Self Signed Certificate | How To using PowerShell

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi so what I want to go over today is how to create a self-signed certificate using PowerShell that has the subject alternative name so you'll notice in is when I create a self-signed certificate here it does not have the alternative the subject alternative name here and what happens is when you go on to Google or modern web browsers it will complain here that there is no subjective or subject alternative name so what I'm gonna do is I'm gonna go into PowerShell and I am gonna check if I have the command so I'm gonna say get command and the module ki KI and you'll notice in the PKM module there is the new self signed certificate now if you don't have the module installed you can install the module using this command install module PKI now can go ahead and run the new site certificate command here in PowerShell now notice I do have the subject and I'm using the conical name which is just my URL in addition to that I am also using the friendly name and this is the subject alternative name here and I only have one that's non comma separated and as well as the not after which is the expiration date I'm extending this three years and I will be storing this in my local machine and I'll get to that afterwards when I create my certificate so let me go ahead and run this command and when I run this command I can type in MMC and bring up my Microsoft management console here where I will be adding the certificate module choose computer town here local machine click finish click OK and if I go into the personal folder of the local machine you'll notice what I have here is the certificate that will last three years and if I go into the certificate just to confirm there is a subject alternative name and it is the value that matches basically my URL here now in terms of the usage you'll notice here the enhanced usage is both for the client and for the authentication now I do want to copy this to the to the file such that when the clients log in they can add it to their trusted certificate root so keep in mind this is for testing scenario sign self-signed certificates are for testing scenarios so I'm going to export this and I will be exporting this with a private key and I do want the certificate chain so this Safiya the path is going to be there I'm going to click Next and I'm just going to supply a password that is simply password and I am exporting this to my temp directory test cert insert and I'm going to click Next and if I go to my route my trusted route authorities I am actually gonna import this so that so you'll be doing this on your client machines Brow's I'm gonna pick my pfx and this is the particular one that I created I'm gonna click Next I've been my password which is just password and I am going to import all of this into the trusted route authority and you'll notice it is right here with the three-year date and what I'm going to do here is now I'm going to set my website to that particular to that particular certificate here to select this particular one that is expiration date is three years this is the particular one that I created just now just to confirm I'm gonna click OK now when I go back to the browser I'm gonna hit refresh and if that doesn't work so you'll notice that now I have an official certificate it is a valid certificate without the subjective alternative name now the reason why this is a secure certificate is for two reasons is because I put it in the trusted root of the client so it just so happens that I am on the server and I am contacting the server so this is acting as a client machine and a server machine but keep in mind you could distribute that pfx certificate that you export it and the client has to export it into the trusted root and so that's one reason why it's about certificate the other one is I did add the subjective alternative name so I will have this these directions in the description area of the video and I hope this helped and the please subscribe and thank you for watching
Info
Channel: CodeCowboyOrg
Views: 14,062
Rating: undefined out of 5
Keywords: Self Signed Certificate, SSL Certificate, Subject Alternative Name, Error, Chrome SSL Error, ERR_CERT_COMMON_NAME_INVALID, Your connection is not private, Google Chrome, SSL Error, SAN, SSL, Self Signed, Server SSL Cert, Self Signed Cert, https, Valid Certificate, How to create, how to create self signed, Subjective Alternative Name, Alternative Name, DNS Name, ERR_CERT_AUTHORITY_INVALID
Id: LSP4wZfi-i8
Channel Id: undefined
Length: 6min 32sec (392 seconds)
Published: Mon Sep 02 2019
Related Videos
How to create a valid self signed SSL Certificate?
Christian Lempa
331K
Server Certificates - Self Signed and LetsEncrypt Certificates for the LAN
OneMarcFifty
33K
Revoke Certificates Using PowerShell with the PSPKI Module
ShotokuTech
2.6K
Create self signed certificates with Subject Alternative Names
Mobilefish.com
31K
How to trust a self signed certificate in IIS Windows Server 2019
Tech Pub
30K
Certificates and Certificate Authority Explained
Hussein Nasser
126K
🔒How to Secure your Executables with Self-Signing Certificates 🔑
AUTOHOTKEY Gurus
2.9K
Server Name Indication, DNS & SSL Certificate Troubleshooting Guide Using OpenSSL and DIG
Lawrence Systems
12K
Create Your Own SSL Certificate Authority (Windows)
Delicious Brains
35K
How to create a self signed certificate
Daniel Persson
30K
How to generate a self-signed SSL certificate in windows11 using power shell command & export | LSC
Learn Smart Coding
2.2K
Run flask application over HTTPS with self-signed certificate
Learning Software
13K
IIS - How to Create Self Signed SSL Certificate for HTTPS
CodeCowboyOrg
94K
Quick and Easy Local SSL Certificates for Your Homelab!
Wolfgang's Channel
661K
Wildcard SSL Vs Multi Domain (SAN) SSL Key Difference
RapidSSLOnline
18K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.