SSL is important these days as browsers warn about it if it’s not available on the website. This is applicable for local sites, i.e., websites you host on the computer for testing purposes. Purchasing an SSL certificate for the local site is not of much use, and you can instead create self-signed SSL certificates in Windows 11/10 for such sites. This post will guide you through the process.
Create Self-signed SSL Certificates in Windows 11/10
Open a PowerShell window with admin privileges. Execute the following command. Make sure to set the exact site name you plan to use on the local computer,
New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "mylocalsite.local" -FriendlyName "MyLocalSiteCert" -NotAfter (Get-Date).AddYears(10)
If you want to test all the original certificate parameters, you can use the
CloneCert parameter —more on the official document.
Read: How to manage Trusted Root Certificates in Windows 10.
How to apply or install the certificate on the local website on the computer
Once you have the certificate, you will need to install the computer certificate so browsers can find it. You will need to copy it to the Trusted Root Certification Authorities store.
In the Start Menu, type Manage computer certificates and click to open the Local computer certificates storehouse. You will need admin permission to complete the process.
- Navigate to Certificates – Local Computer > Personal > Certificates. This place stores all the local certificate that is created on the computer.
- Find the certificate you have created.
- Next, on the left panel, expand Trusted Root Certification Authorities > Certificates.
- Drag and drop the local certificate and drop into this folder
- You can also copy and paste it.
Once done, make sure to access the local site with HTTPS instead of HTTP. You may have to make the changes to the webserver so any time the local site is accessed, it redirects to the secured version.
I hope the post helped you create a local SSL certificate and install it on the computer, so the browsers don’t warn about the missing encryption.