To create the code signing certificate using PowerShell (using Administrator prompt):
$cert = New-SelfSignedCertificate -Subject "My Certificate" -Type CodeSigning -CertStoreLocation Cert:\CurrentUser\My -NotAfter (Get-Date).AddYears(100)
To export the certificate from the certificate store:
$certPassword = ConvertTo-SecureString -String "passwordhere" -Force –AsPlainText
$cert | Export-PfxCertificate -FilePath "mycert.pfx" -Password $certPassword
To retrieve the public key from a PFX certificate using Powershell, use the following command:
$publicKey = (Get-PfxCertificate -FilePath mycert.pfx).GetPublicKey()
To convert the public key to a hex string without hyphens you can use this command:
[System.BitConverter]::ToString($publicKey).Replace("-", "")
To get the base64 string of the SHA1 thumbprint of a PFX certificate use the following:
$publicKey = (Get-PfxCertificate -FilePath mycert.pfx).GetPublicKey()
$sha1 = New-Object System.Security.Cryptography.SHA1CryptoServiceProvider
$hash = $sha1.ComputeHash($publicKey)
[System.Convert]::ToBase64String($hash)
To get the base64 string of the SHA1 thumbprint of a PEM certificate use the following:
$publicKeyBase64 = [String]::Join("", (Get-Content -Path mycert.pem)[1..7])
$publicKey = [Convert]::FromBase64String($publicKeyBase64)
$sha1 = New-Object System.Security.Cryptography.SHA1CryptoServiceProvider
$hash = $sha1.ComputeHash($publicKey)
[System.Convert]::ToBase64String($hash)