Unable to create certificates in some cases of Windows 10 and Windows 11

NndnG 1,111 Reputation points
2022-03-07T19:22:36.347+00:00

Hi,

To create a self-signed root certificate and to generate a client certificate, I used PowerShell scripts from the link https://learn.microsoft.com/en-us/azure/virtual-wan/certificates-point-to-site

I used both scripts in four system with Windows 10 and Windows 11.

In some systems, error message appeared like below

New-SelfSignedCertificate : Cannot bind parameter 'Signer' to the target. Exception setting "Signer": "Value cannot be null.
Parameter name: Signer"
At line:5 char:9

  • -Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
  • ~~~~~
  • CategoryInfo : WriteError: (:) [New-SelfSignedCertificate], ParameterBindingException
  • FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.CertificateServices.Commands.NewSelfSignedCertificateCommand

Please let me know the way to create a self-signed root certificate and to generate a client certificate so that I can create and generate certificate in any Windows 10 and Windows 11 system.

With Regards
NndnG

@suvasara-MSFT

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,836 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
10,149 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Reveroctorious 0 Reputation points
    2023-11-29T19:25:04.2+00:00

    You Do have to put some content in your certificate ( like a key - I found issues as I hardened the security baseline (requiring more than SHA 1)

    However you make a certificate in the EFS REKEY Wizard, search manage file encryption in the start menu > open EFS follow the prompts. image_2023-11-30_055413444.png . But the defaults are keys that can not meet HARDENED baselines - I have now decided to use yubikey x 2 as they're capable of smart card, multiple device, boot, OS and Online account passwordless managment.

    https://www.yubico.com

    Hope this helped

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.