how to create self signed certificate in windows for localhost

Create a Self-Signed Certificate for Localhost (Windows)

To create a self-signed certificate for localhost on Windows, open PowerShell as Administrator and run:

New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation "cert:\LocalMachine\My" -FriendlyName "LocalhostCert" -NotAfter (Get-Date).AddYears(10)

This generates a certificate in the Personal store. You must move it to the Trusted Root Certification Authorities store to avoid browser warnings.

Steps to Create and Trust a Localhost Certificate

Step 1: Open PowerShell as Administrator

Right-click the Start button and select:
"Windows PowerShell (Admin)" or "Terminal (Admin)".

Step 2: Generate the Certificate

Run the following command:

New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation "cert:\LocalMachine\My" -FriendlyName "LocalhostCert" -NotAfter (Get-Date).AddYears(10)

Step 3: Trust the Certificate

1. Press Win + R
2. Type certlm.msc and press Enter
3. Go to Personal > Certificates
4. Find the certificate named "LocalhostCert"
5. Right-click → Copy
6. Navigate to Trusted Root Certification Authorities > Certificates
7. Right-click → Paste

Step 4: Verify

You can now bind this certificate in IIS or your local development server. Browsers should trust it without security warnings.