Self Signed Certificates in Edge on Windows 2022

When setting up a server for training purposes I wanted to create a self signed certificate for app1.example.com and trust it in Edge on Windows Server 2022.

Normally when I create a self signed certificate on Windows Server I just use the IIS Server Certificates button Create Self-Signed Certificate, but I found that even if you tell Edge to trust that one, it will still show a Not Secure certificate warning because the Common Name (CN) of the certificate will be the computer name, and does not match the domain name (app1.exmaple.com) in my case.

To get around this you can use PowerShell to generate a self signed certificate like this:

New-SelfSignedCertificate -DnsName app1.example.com -FriendlyName app1.example.com -NotAfter (Get-Date).AddYears(10) -CertStoreLocation "Cert:\LocalMachine\My"

After you do that it will show up in the IIS Server Certificates window and will be available to use in IIS. You can export the certificate by right clicking on it in Server Certificates and selecting View, then in the Details tab you can click the Copy to File button.

To make it trusted in Edge you can right click the .cer file you just exported, and then click on Install Certificate. To make it trusted you can select the Enterprise Trust certificate store. I don't really recommend doing this on a production server, especially since you can now get free trusted domain validated certificates using services like Let's Encrypt. Using self signed made sense in this scenario since the server was for training purposes.