Bannister Lake does not provide certificates. If you need a certificate there are a number of options available. You can review these and decide what suits your environment and needs.
If your site is public facing and available via the internet you will need a certificate from a signing authority. However if you are only accessing it via your local server you can use a self-signed certificate.
Self-Signed Certificates
Using Windows PowerShell Command Line
Creating a self-signed certificate for you machine/localhost can be done using the Windows Powershell command line.
Start the Powershell as Administrator.
Then this command script can be used to create a new self-signed certificate that can be used with localhost or the machine name in the URL and add it to the Trusted Root store. It will expire in 1 year from creation.
$cert = New-SelfSignedCertificate -FriendlyName "LocalSelfCert2019" -DnsName "localhost", $env:COMPUTERNAME -CertStoreLocation "cert:\LocalMachine\My"
$rootStore = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList Root, LocalMachine
$rootStore.Open("MaxAllowed")
$rootStore.Add($cert)
$rootStore.Close()
Notes
To have a certificate with a non-default expiry you can add a -NotAfter parameter.
Example:
New-SelfSignedCertificate -DnsName "localhost", $env:COMPUTERNAME -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date).AddMonths(24)
For documentation of the New-SelfSignedCertificate command see: https://docs.microsoft.com/en-us/powershell/module/pkiclient/new-selfsignedcertificate?view=win10-ps
Thanks to https://vcsjones.com/2013/11/08/making-a-self-signed-ssl-certificate-and-trusting-it-in-powershell/ for main ideas of this scriptlet.
Using IIS Manager
Creating a self-signed certificate for your machine using IIS Manager is quite easy to do. These steps will create a certificate based on your machine name.
The certificate generated in this way will reference the machine name and the URL used to access it must then use the machine name (not localhost) - example: https://bl-asus-2014-a/chameleon/
Launch IIS Manager
Navigate to the server for which you want to create the certificate
In the Features view double-click the Server Certificates icon.
In the Actions pane click the Create Self-Signed Certificate
Type in a friendly name to identify the certificate that will be created.
Click OK.
Viewing Certificates
To view the list of available certificates in their stores you can use the Certificate Manager Console snap-in.
Certmgr.msc
Look in the Certificates (Local Computer) - both the Personal and Trusted Root Certification Authorities folders to see the relevant certificates.
If you have a certificate in the Personal folder and want to enable it to be trusted - copy it to the Trusted Root Certificate Authorities Certificate folder and then it will be trusted on that machine.
Signing Authorities
Let’s Encrypt
You can get a certificate for free and automate it’s creation and renewal using Let’s Encrypt and related tools such as
Certify https://certifytheweb.com/
Windows ACME Simple (WACS) https://github.com/PKISharp/win-acme
ACMEShart https://github.com/ebekker/ACMESharp
Commercial Certificates
You can also purchase certificates from other traditional existing Certificate Authorities. Simply do an internet search for: “ssl certificate” using google.