If you are using version 4+ of PowerShell, then instead of using the older makecert utility or the IIS Manager you can simply use New-SelfSignedCertificate cmdlet.
In this article I’ll provide a small Powershell script that can assist in creating a self-signed certificate in the local machine personal store.
Powershell prompt with privileges
First, open a command prompt with privileges (“Run as Administrator”), so that you can access the local machine cert store. Then check that you are using at least version 4 of powershell.
powershell -executionpolicy bypass PS> $psversiontable.psversion.major
Run script
Download my newSelfSignedCert.ps1 script from github and place it on your local machine. Run it like below from the privileged console open earlier:
.\newSelfSignedCert.ps1 myserver.com Certp4ss!
This is specifying that you want the subject and SAN name to be “myserver.com”, and the exported pfx will use the password “Certp4ss!”. Clearly, you will want to use a hostname and trusted password for your particular needs.
This is all enabled by the New-SelfSignedCertificate Powershell cmdlet enabled since PowerShell 4.
$cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname $cn
Result
If you open up mmc, and the Windows certificate manager for the machine account you will now see this new certificate in the Computer level Personal trust store.
REFERENCES
petri.com, Creating a self signed cert using powershell
stackoverflow, import pfx using powershell
microsoft, parameter descriptions for New-SelfSignedCertificate
microsoft, requires directives in Powershell