You should have your own machine certificate, but if not you can create a self-generated certificate.
To create a self-generated certificate:
- Start Powershell with administrator privileges
- Navigate to the Certs folder which is contained in the main folder of the software
- Type the following into Powershell: .\MakeCerts.ps1
Enter a password (the same one) for each prompt. When finished it will open a notepad with the certificate encoded value and thumbprint. You can replace the blank entries in setup.ini with these lines under the `[setup]' section.
If you are using an existing certificate (and not generating a new one as shown above), follow these directions:
To get the certificate encoded value and thumbprint from a machine certificate (self generated or not), open the MMC snap-in and select "Certificates" for the local computer. Under Certificates (Local Computer)/Personal/Certificates there should be your machine certificate. Right click that and select All Tasks | Export (don't export private key) and then export the file as Base 64. Open that file up in an advancced text editor like Notepad++ and delete the certificate header and footer. Next remove the CRLF (\r\n) characters to get the certificate encoded value on one line. Put this string after WCERT_encodedvalue= to get something like:
WCERT_encodedvalue=MIICGDCCAYGgAwIBAgIQgCe9inI+tqxBm5h4Y4QnSzANBgkqhkiG9w0BAQQFADAiMSAwHgYDVQQDExdXSU4tNkxBMlFRT1RVNzcgUm9vdCBDQTAeFw0xODEwMjMxNzM0MDNaFw0zOTEyMzEyMzU5NTlaMBoxGDAWBgNVBAMTD1dJTi02TEEyUVFPVFU3NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvD6wnh1a5/jhvQZUJ9OKGI+cPt4XoF9TDDKrNKEwMDmYB+/6t/GMj77qqhDIInxmixHTCQXz30FJ4byZ2hViaPKaXoiiQQbpNwc4+8o8IkyJ92sNzPXHL5+ptOIiYV/TBzIlqdGmEeUC8CjiJA8KNgKy/1KqyrBG/45buwYOF5cCAwEAAaNXMFUwUwYDVR0BBEwwSoAQB2rcGLun/90RS8i1Keh3AqEkMCIxIDAeBgNVBAMTF1dJTi02TEEyUVFPVFU3NyBSb290IENBghBnEgi+2pZLrU0y9qK7Gyi0MA0GCSqGSIb3DQEBBAUAA4GBAKGMscro0G9EM901Iy7QFnVZmEw9a8afabLgNQsoAiUk8j2b/0/HtPE0rldBWOU6ojfq0ABh5FFMV4MOP6eXA/bF7/lJ3m9akDoID7ZFWAvdmzmtgsABjN9znpfavY1cyYOJqHrrmYb7xFExiLRiy6ftsgb4VYDqiTSdN7XTmL2s
Next, double click the certificate in the snap-in to open the certificate properties. Click on the Details tab and find the thumbprint value. Copy that to the clipboard and paste into your text editor. Remove the spaces in between the characters.
GOTCHA ALERT Sometimes there is "hidden" character before the first value of the thumbprint. The safest way to get rid of this is put your cursor just after the first character and press backspace several times which will delete the first character and any hidden ones. Manually type in the first value to fix the thumbprint.
Put this entire value after WCERT_THUMBPRINT= to get something like:
WCERT_THUMBPRINT=4aaf0a5f6cdfa3f5fd46bb4397cf971b269b70bc
Take both of these values and replace the blank entries in setup.ini under the `[setup]' section.
Next: Configure the setup.ini
Previous: Setting up IIS on Windows Server 2016