Menu Close

Creating a new certificate for signing (newcert)

This article is about the usage of command line interface. More information about CLI usage and how to get started can be found here: Command Line Interface (CLI) Reference

In order to create a new test certificate for signing, use the following command line syntax:

MSIXHeroCLI.exe newcert --name "<name>" --subject "<subject>" --password "<password>" --directory "<target-directory>" [--import] [--validUntil <date>]

For example:

MSIXHeroCLI.exe newcert --name "Marcin Otorowski" --subject "CN=Marcin Otorowski" --password "Start123" --directory "c:\my-certificate"
MSIXHeroCLI.exe newcert --name "Marcin Otorowski" --subject "CN=Marcin Otorowski" --password "Start123" --directory "c:\my-certificate" --import

You can also use shorter form of arguments.

MSIXHeroCLI.exe newcert -n "Marcin Otorowski" -s "CN=Marcin Otorowski" --p "Start123" -d "c:\my-certificate"
MSIXHeroCLI.exe newcert -n "Marcin Otorowski" -s "CN=Marcin Otorowski" --p "Start123" -d "c:\my-certificate" -i

All parameters, except of --import (-i) and --validUntil are required.

  • –import (-i)
    If defined, the new certificate will be automatically imported to the Trusted People store. You must run MSIX Hero as an administrator in order to be able to use this switch. Otherwise, access denied error will be returned when trying to import the certificate.
  • –validUntil
    The expiration date (in a format returned by default by Get-Date cmdlet). If not provided, one-year validity period will be used. Note that this option has been available since MSIX Hero 1.4.3.

The result of execution is an extracted folder, containing a .pfx file (public and private part) and .cer (public part). You can use them as input to other command supported by MSIX Hero, for example sign or trust.

The command returns the following exit codes:

Exit codeMeaning
0The extraction has succeeded.
1Unspecified error.
2-10Invalid parameters or other command-line related errors.
<any other>Win32 error code if certificate could not be created or imported.