Create self-signed SSL certificate for Azure

Creating a self-signed certificate is simple - when you know the correct commands.

First, create the certificate and private key:

makecert -r -sv example-org.pvk example-org.cer -a sha1 -n "CN=www.example.org" -pe -len 2048 -sky exchange -eku 1.3.6.1.5.5.7.3.1

(specify some password, remember it)

Next, combine the cert and private key to PFX:

pvk2pfx -pvk example-org.pvk -spc example-org.cer -pfx example-org.pfx -f

Now, this should be good enough, but it’s not. Apparently, Azure is having some issues with the PFX files generated through the command line tool. A quick fix is to import the certificate to the Windows certificate store and then export from there.

To import, simply open the example-org.pfx from Explorer. When importing, you need the password. Remember to check the allow private key export checkbox. You can use any store, but I used the personal one.

Once this is done, start up certmgr.msc and locate the certificate and export it (right-click, all tasks, export). Remember to also export the private key. Set some password and remember it.

After this, you can go to Azure Management and upload the certificate.