Creating Self-Signed CA Certificate with makecert.exe

Question

I am trying to create Self-Signed CA Certificate on 32bit Windows 7 (virtual). The makecert is v7.1 located in C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin>.

Whenever i try to execute this command (elevated) ...

makecert.exe -r -n “CN=MyCert CA” -pe -sv MyCert.pvk -a sha1 -len 2048
             -b 09/04/2012 -e 09/04/2018 -cy authority MyCert.cer

...I get prompted for password but when i confirm it I get:

Error: CryptCertStrToNameW failed => 0x80092023 (-2146885597) Failed

Any help would be apreciated.

Regards.

Answer 1

I copied your command into a command prompt and got the same error. However, I retyped the command and it worked. I suspect one of the characters in the name argument "CN=MyCert CA" is a special character, possibly copied from a word processor.

Answer 2

This is an old question, but it would appear that you're using word processor "smart quotes" rather than ASCII double quotes.

So the problem isn't with makecert, but with how you entered the command. The windows command shell, cmd.exe, doesn't see “CN=MyCert CA” as a quoted word. It instead sees two barewords, “CN=MyCert and CA”, with the "smart quotes" being part of the word.

• The ASCII straight double quote, " has a code point of U+0022 (aka '\x22' in C# or C).
• The left double "smart" quote", “ has a code point of U+201C (aka '\u201C' in C#).
• The right double "smart" quote, ” has a code point of U+201D (aka '\u201D' in C#).

And thus the error.

Answer 3

You can also get the same error if you don't have CN= in the name.

For example I had this error with -n "My Name" , but it succeeded with -n "CN=My Name"

Answer 4

Wrong Way = “CN=MyCert CA”

Right Way = “CN=MyCert”

Right Way = “CN=NameOfCert”

12345432123454321

enter code here