creating a self signed root certificate in Powershell

Question

I am a teacher, using Microsoft Azure learning modules to introduce students to Azure. One of the steps In an exercise to create a VPN Gateway has the students type in the following Powershell command.

$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject "CN=P2SRootCert" -KeyExportPolicy Exportable
-HashAlgorithm sha256 -KeyLength 2048 `
-CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign*

The command generates the following error message:

New-SelfSignedCertificate: The term 'New-SelfSignedCertificate' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Any help would be appreciated.

Answer 1

Hi @Watne, Jeffory ,

ah I got it. Just use your local computer running Windows 8.1/10 and create the Self Signed Cert locally.
That's the easiest way I think.

As an alternative you could install the PSPKI module, which is a different module as the PKI module in the "Azure PowerShell CLI"
https://www.powershellgallery.com/packages/PSPKI/3.7.1

The commands of PSPKI and PKI module are different. After PSPKI module is installed you can use Get-Command -Module PSPKI to list the available commands.

----------

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten

Answer 2

Hi @Watne, Jeffory ,

on witch OS do you run the New-SelfSignedCertificate?
In Windows 7 this command isn't available. On Windows 8.1/10 and Windows Server 2012R2 and above the cmdlet New-SelfSignedCertificate should be available.

----------

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten