Believe2014
Reputation: 3964
KeyAlgorithm for SHA256
The PowerShell command below creates a self-signed certificate with SHA1 as signature algorithm.
New-SelfSignedCertificate -DnsName "MyCertificate", "www.contoso.com" -CertStoreLocation "cert:\LocalMachine\My" -Provider "Microsoft Strong Cryptographic Provider"
Is there any value that I can pass to this command (for example: -KeyAlgorithm) to make the certificate generated using SHA256 as signature algorithm?
Upvotes: 17
Views: 11053
Answers (1)
Crypt32
Reputation: 13954
KeyAlgorithm parameter defines the public key algorithm which is not related to signature algorithm (what you are trying to accomplish). Instead, you need to use -HashAlgorithm parameter and specify SHA256 as a parameter value:
New-SelfSignedCertificate -DnsName "MyCertificate", "www.contoso.com" `
-CertStoreLocation "cert:\LocalMachine\My" `
-Provider "Microsoft Strong Cryptographic Provider" `
-HashAlgorithm "SHA256"
Upvotes: 28
Related Questions
- How do I remedy "The breakpoint will not currently be hit. No symbols have been loaded for this document." warning?
- What are the correct version numbers for C#?
- What is the best algorithm for overriding GetHashCode?
- Path.Combine for URLs?
- Update x509Certificate2 with correct Cryptographic Service Provider in Bouncy Castle
- How to extract all the list of digest algorithm from signed dll using PowerShell?
- PowerShell 6.* Remoting using SSL certificate and UBUNTU
- Signed XML signature verification for SSO SAML (Using sha256)