Sign Up for Training |
Jet Express Support |
Jet Reports Company Site
Jet Reports Financials
Jet Professional
Jet Enterprise
Submit a Request
Give Feedback

How To Create a SHA-256 Self-Signed Certificate

Moderate - requires admin permissions


Self-signed certificates are acceptable for testing anything used internal. By default, certificates created through Internet Information Services (IIS) on most Windows OS versions create a SHA-1 certificate by default versus a SHA-256 certificate. SHA-1 certificates are less secure due to their smaller bit size and were being sunset in 2017 for all web browsers. .


  1. Run PowerShell as administrator

  2. Run the following command to create the certificate:

    New-SelfSignedCertificate –DnsName <Computer name> -CertStoreLocation “cert:\LocalMachine\My”
    <Computer name> should be the name of the computer hosting the Jet Web Portal.  It should be fully qualified with the domain name (
  3. Next, we need to add the self-signed certificate as a trusted certificate authority...

    Run MMC -32 as administrator

  4. Select File > Add or Remove Snap-ins


  5. Select Certificates and then click Add


  6. Select Computer account and press Next


  7. Select Local computer


  8. Click Finish

  9. Click OK

  10. Find the certificate in Personal > Certificates:


  11. Right-click on the newly created certificate and then select Properties.  Input the desired Friendly Name field for the certificate based upon what you are testing.  Once completed, select the Apply button followed by OK.


  12. Right-click on the certificate and choose Copy

  13. Expand Trusted Root Certificate Authorities

  14. Right-click on the Certificates folder

  15. Select Paste


  16. In IIS Manager, you can now see the self-signed certificate with SHA-256 as the SSL certificate.



Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request