How to Generate a Self Signed Certificate

This document covers how to generate a self signed certificate that can be used with Foray ADAMS^®. This is for use on standalone systems that have no way to open public ports 80 and 443 and do not have access to an internal CA.

1. Open an elevated Powershell prompt

2. Run the following command, replacing the values in <>
   
   
   

   New-SelfSignedCertificate -FriendlyName "<FQDN DATE>" -Subject "<FQDN>" -DnsName "<FQDN>" -CertStoreLocation "Cert:\LocalMachine\My" -KeyExportPolicy Exportable -KeySpec Signature -KeyLength 2048 -KeyAlgorithm RSA -HashAlgorithm SHA256

   
   Ex 1: A personal, non-domain, machine

   New-SelfSignedCertificate -FriendlyName "MYMACHINE 2023-08-10" -Subject "MYMACHINE" -DnsName "MYMACHINE" -CertStoreLocation "Cert:\LocalMachine\My" -KeyExportPolicy Exportable -KeySpec Signature -KeyLength 2048 -KeyAlgorithm RSA -HashAlgorithm SHA256

   
   Ex 2: A work machine joined to a domain (this is really a situation where an internal certificate authority should be used)

   New-SelfSignedCertificate -FriendlyName "MYMACHINE 2023-08-10" -Subject "MYMACHINE.MYDOMAIN.LOCAL" -DnsName "MYMACHINE.MYDOMAIN.LOCAL" -CertStoreLocation "Cert:\LocalMachine\My" -KeyExportPolicy Exportable -KeySpec Signature -KeyLength 2048 -KeyAlgorithm RSA -HashAlgorithm SHA256

    

3. Open “Manage computer certificates”

4. Personal > Certificates

5. Right click the certificate you just created

6. Copy

7. Trusted Root Certificate Authorities > Certificates

8. Right click on Certificates

9. Paste

You can now use the certificate in IIS.

Remember, you will need to access ADAMS applications using the fully qualified domain name. Ex: https://MYMACHINE/AdamsWeb