Create custom CA
openssl req -new -x509 -extensions v3_ca -keyout custom-ca.key -out custom-ca.crt -days 3650 -nodes
Create server private key
openssl genrsa -out server-certificate.key 1024
Create certificate request signed with generated key
openssl req -new -key server-certificate.key -out server-certificate.csr -nodes
Create server certificate from previously generated certificate sign request
openssl x509 -req -days 3650 -in server-certificate.csr -CA custom-ca.crt -CAkey custom-ca.key -set_serial 01 -out server-certificate.crt
Combine server private key and certificate into pfx container
openssl pkcs12 -export -nodes -in .\server-certificate.crt -inkey .\server-certificate.key -out server-certificate.pfx
Powershell to find server certificate thumbprint and allow usage
$port=5002
$certThumb=Get-PfxCertificate .\server-certificate.pfx | select -expand Thumbprint
$appId = [guid]::NewGuid() | select -ExpandProperty guid
invoke-expression "netsh --% http add sslcert ipport=0.0.0.0:$port certhash=$certThumb appid={$appId}"
Create netsh reservations
netsh http add urlacl url=https://+:5002/ user=YOUR_USERNAME
netsh http add sslcert ipport=0.0.0.0:5002 certhash=YOUR_THUMBPRINT_WITHOUT_SPACES appid={06aabebd-3a91-4b80-8a15-adfd3c8a0b14}