Powershelling:
$mycert=@{ Subject ='CN=myhost.mydomain.tld'; DnsName ='myhost.mydomain.tld'; KeyLength =2048; HashAlgorithm ='SHA256'; KeyUsage ='DigitalSignature'; KeyExportPolicy ='Exportable'; KeySpec ='Signature'; NotAfter =(Get-Date).AddYears(10); } New-SelfSignedCertificate @mycert