How to Create a X.509 High-Trust Certificate

Table of Contents

See how to create a self signed Certificate in IIS.

  1. Open IIS.
  2. Click on your Server on the left side in the menu.
  3. Double click “Server Certificates” in the available Features.
  4. Click on “Create Self-Signed Certificate”.

  1. Specify here a friendly Name, like "KanBo-High-Trust-Certificate" as example and choose "Personal" Certificate Store.

The certificate should be available now in IIS Certificates.

The Certificate is now available.

We need to export the Certificate and also the Private Key File.

  1. Right click on the Certificate and then click on View.

  1. Click on Details Tab and then on "Copy to File".

In the next window we have the possibility to choose to export the Certificate or the private Key.

Start with Exporting the Private Key.

  1. Therefore, please click on "Yes, export the private key".

  1. In the next window, please check the settings like below and click next.

  1. Click on Password and choose a Password, type it two times in the correct fields and click next.

  1. Choose a name and directory where you want to save it and click next and then finish - you should get then a confirmation that it was successfull.

Now we are going to Export the Certificate.

  1. Again right click the Certificate in IIS and click on View.

  1. Click on Copy to File.

  1. In the next window choose now "No, do not export the private key".

  1. Click Next and choose the format "DER encoded binary X.509"
  2. Click Next and choose a filename and directory where you want to save now the Certificate.

  1. Click Next and Finish.

You should now have both, the Certificate and also the private key exported.

Was this article helpful?

Please, contact us if you have any additional questions.