HOW TO CREATE SELF-SIGNED SSL CERTIFICATES IN WINDOWS 10

Open a PowerShell window in Administrator mode, and enter the following command:

New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My

-DnsName "mysite.local" -FriendlyName "MySiteCert" -NotAfter (Get-
Date).AddYears(10)

Example :- New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My

-DnsName "ssl.saiuae.local " -FriendlyName "paloaltoURLF" -NotAfter (Get-
Date).AddYears(3)

This will create a self-signed certificate specific for mysite.local that is valid for 10 years.
You can modify the number of years by changing the value in the AddYears function.

Once the certificate is created, you should copy it to the Trusted Root Certification
Authorities store. Using Cortana search in Windows 10, type "certificate" until you see the
"Manage computer certificates" option and open it. Follow these steps:

1. In the left panel, navigate to Certificates - Local Computer → Personal → Certificates

2. Locate the created certificate (in this example look under the Issued To column
"mysite.local", or under the Friendly Name column "MySiteCert")
3. In the left panel, open (but don't navigate to) Certificates - Local Computer →
Trusted Root Certification Authorities → Certificates
4. With the right mouse button, drag and drop the certificate to the location opened in
the previous step
5. Select "Copy Here" in the popup menu

Open IIS, navigate to your site, and add an https binding to it. Make sure you enter the host
name, check the "Require Server Name Indication" checkbox, and select the SSL certificate
"MySiteCert" (or the friendly name you entered during the certificate creation). Test your site
by opening a web browser and entering "https://mysite.local/", and you shouldn't be getting
any invalid certificate warnings.