Self Signed Certificate in Windows without makecert?

[Unfortunately, I can't comment on anything yet, so I'll post this as an answer.]

I see that this post is a bit old, but I'm in a similar boat and I found this in the Visual Studio 2008 redist.txt file:

Windows SDK Files

Subject to the license terms for the software, the following files may be distributed unmodified:

MageUI.exe
Mage.exe
Makecert.exe

Not sure if something has changed (and if my interpretation is correct), but it looks like makecert.exe included as part of the Windows SDK, which is in-turn included as part of the VS2008 install can actually be redistributed.

You can now Create Self Signed Certificates with PowerShell The commands you need are New-SelfSignedCertificate and Export-PfxCertificate. Ex: to create a certificate

New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname orin.windowsitpro.internal

to export it

Export-PfxCertificate -cert cert:\localMachine\my\CE0976529B02DE058C9CB2C0E64AD79DAFB18CF4 -FilePath e:\temp\cert.pfx -Password $pwd

This link is really helpful

https://www.itprotoday.com/powershell/creating-self-signed-certificates-powershell

Woohoo! It's time for pinvoke for you

crypt32 provides a CertCreateSelfSignCertificate function; if that succeeds you can store it in the user's personal store (or the machine store assuming you're working elevated)