Create a Security Certificate for .NET SSO Samples Using Windows 10 or Later

By default, VMware provides a certificate in the .NET SSO samples directory that is not password protected. Use this procedure to replace the certificate if you are running Windows 10 or later.

You can choose to replace the default certificate supplied with the SDK, at SDK/ssoclient/dotnet/cs/samples/certificate.

Prerequisites

  • This procedure applies to Windows 10 or later.
  • You must have PowerShell installed, because Makecert is deprecated.

Procedure

  1. Open a PowerShell window, running as Administrator.
    Type powershell in the task bar search field, then right-click Windows PowerShell and select Run as Administrator.
  2. Change to the .NET SSO samples directory.
    cd installed_directory/SDK/ssoclient/dotnet/cs/samples
  3. Delete the default certificate provided by VMware.
    del *.pfx *.cer
  4. Use the New-SelfSignedCertificate command to generate a PowerShell certificate object.
    $cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -subject "CN=*.vmware.com, OU=Ecosystem Engineering, O=`"VMware, Inc.`", L=Palo Alto, ST=California, C=US" -KeySpec KeyExchange -KeyExportPolicy Exportable -KeyUsage DigitalSignature
  5. Create a password to protect the certificate.
    $pwd = ConvertTo-SecureString -String 'password' -Force -AsPlainText
  6. Build the certificate store path from the thumbprint of the certificate object.
    $path = 'cert:\localmachine\my\' + $cert.thumbprint
  7. Use the Export-PfxCertificate command to generate a certificate file from the certificate object.
    Export-PfxCertificate -cert $path -FilePath certificate\testssoclient.pfx -Password $pwd
  8. Update the certificate password used in the .NET SSO samples.

    The password is used in line 553 of the file vmware.binding.wstrust/samltokenhelper.cs, in the following statement:

    signingCertificate.Import(certificateFile, "password", X509KeyStorageFlags.MachineKeySet);

  9. Rebuild the SSO solution.
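
The following check is an added example, not part of the VMware procedure or SDK: it opens the file exported in step 7 with the same MachineKeySet flag the sample passes to Import() and reports whether the password, private key and key usage are as expected. It assumes you run it from the samples directory in the elevated session used for steps 4 to 7; the names $pfxFile, $pfxPassword, $loaded and $report are chosen for this example.

```powershell
# Added example: verify certificate\testssoclient.pfx before rebuilding the samples.
$x509    = 'System.Security.Cryptography.X509Certificates'
$pfxFile = Join-Path (Get-Location) 'certificate\testssoclient.pfx'

# Prompt for the password so it is not left in the console history.
# Enter the same password the sample will pass to Import().
$pfxPassword = Read-Host -Prompt 'PFX password' -AsSecureString

# Same storage flag as the Import() call in samltokenhelper.cs.
$flags = [Enum]::Parse([type]"$x509.X509KeyStorageFlags", 'MachineKeySet')

try {
    $loaded = New-Object -TypeName "$x509.X509Certificate2" `
                         -ArgumentList $pfxFile, $pfxPassword, $flags
}
catch {
    throw "Cannot open $pfxFile with the supplied password: $($_.Exception.Message)"
}

# Locate the key usage extension and test for the DigitalSignature bit (step 4).
$keyUsage = $loaded.Extensions |
    Where-Object { $_.GetType().FullName -eq "$x509.X509KeyUsageExtension" }
$ds = [Enum]::Parse([type]"$x509.X509KeyUsageFlags", 'DigitalSignature')
$hasDs = ($null -ne $keyUsage) -and (($keyUsage.KeyUsages -band $ds) -eq $ds)

# Compare with the object from step 4 when $cert is still defined in this session.
$sameAsStep4 = $null
if ($cert) { $sameAsStep4 = ($cert.Thumbprint -eq $loaded.Thumbprint) }

$report = [pscustomobject]@{
    Subject          = $loaded.Subject
    Thumbprint       = $loaded.Thumbprint
    NotAfter         = $loaded.NotAfter
    HasPrivateKey    = $loaded.HasPrivateKey
    DigitalSignature = $hasDs
    MatchesStep4Cert = $sameAsStep4
}

# Release the key material that was loaded from the file for this check.
$loaded.Reset()

$report | Format-List
if (-not $report.HasPrivateKey) {
    Write-Warning 'The PFX has no private key; the samples cannot sign with it.'
}
```

If the script throws on load, the password typed at the prompt does not match the one used in step 5, which is the same mismatch the rebuilt samples would hit at the Import() call.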

What to do next

Run the .NET SSO samples, using your new certificate.